CISA Releases Guide on TDoS-Based Attacks to Emergency 911

The Cybersecurity and Infrastructure Security Agency (CISA) has released a fact sheet on telephony denial of service attacks (TDoS) and how stakeholders can prevent these threats from disrupting public safety operations. CISA said Tuesday that TDoS attacks are meant to overload the networks of emergency communications facilities such as 911 dispatch centers through various attack vectors.

The guide, titled “Cyber Risks to 911: Telephony Denial of Service”, provides details on such vectors including botnets, manipulated landline phones, compromised private messaging and mobile phone-based breaches. The fact sheet additionally covers real-life TDoS scenarios and highlights best practices to help agencies prevent TDoS attacks.

Telephony denial of service attacks (TDoS) present a unique risk to public safety communications stakeholders, including Emergency Communications Centers (ECC), Publics Safety Answering Points (PSAP), and other 911 dispatch centers. TDoS events overload communications network elements with telephone calls—disrupting a jurisdiction’s ability to provide emergency response services. In response, the Cybersecurity and Infrastructure Security Agency (CISA) developed the Cyber Risks to 911: Telephony Denial of Service fact sheet to educate the public safety community on TDoS threats. 

Public safety organizations can leverage this fact sheet to familiarize themselves with TDoS threats and mitigation best practices. Specifically, the fact sheet:

  • Overviews common TDoS attack vectors, including mobile phones, botnets, voice over Internet Protocol services, compromised private branch exchanges, preprogrammed landline phones, and variable security standards,
  • Highlights real-world TDoS incidents and impacts, and
  • Provides best practices to mitigate TDoS vulnerabilities.

CISA developed the fact sheet in coordination with public safety stakeholders and cybersecurity subject matter experts to ensure the best practices support the public safety operations environment.

July 6, 2018

Cybersecurity attacks happen all too often, and attackers are becoming more bold and sophisticated by disrupting critical phone systems and putting 911 emergency call centers at risk. Similar to Distributed Denial of Service (DDoS) attacks on critical online services, Telephony Denial of Service (TDoS) attacks render emergency systems unavailable by saturating them with bogus calls and potentially causing great harm to those who truly require urgent first responder attention.  

The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) has partnered with SecureLogix, a San Antonio-based telecommunications security company, to solve complex TDoS issues and develop defense-based solutions to prevent these attacks. TDoS attackers target 9-1-1 emergency call centers and other critical service providers. These attacks are increasing in frequency and everyone is vulnerable. Reasons for TDoS attacks range from extortion to disruptive pranks. These attacks pose significant risks to banks, schools, hospitals, and even government agencies. When banks are attacked, customers are denied access to their accounts. If synchronized with a DDoS attack against a bank’s internet or mobile presence, this may prevent customers from even contacting their bank….