Researchers at Israel's Ben Gurion University created a method for disabling the U.S. 911 emergency system with telephony denial-of-service (TDoS) attacks.
The technique involves planting malware on mobile phones so they automatically make fake 911 calls without their owners' awareness, creating a call-center bottleneck. The malware can thwart a 911 system's attempts to blacklist the hijacked phones because it makes the devices send random IDs to cell towers, changing the ID with each call.
The Ben Gurion team tested the method with a simulated cellular network modeled after North Carolina's 911 network, and found 6,000 infected smartphones are sufficient for causing statewide disruption. They also estimated a national disruption could be launched with 200,000 infected phones circulated across the U.S.
The National Emergency Number Association's Trey Fogerty says his group has long known about the TDoS threat, and warned the U.S. Department of Homeland Security about it four years ago. "We actually believe that the vulnerability is in fact worse than [the researchers] have calculated," he says.
The Ben Gurion team suggests state-level disruptions could be prevented by building redundancy into 911 networks, while a federal solution is to waive carriers' requirement to process calls from phones that are not attached to a service plan.
From The Washington Post
View Full Article
Abstracts Copyright © 2016 Information Inc., Bethesda, Maryland, USA