Food For Thought: Hackers Could Take Down 911 System Leaving Motorists Helpless
Imagine this scene: You are driving along, minding your own business, when suddenly a car-load of people runs a red light on your right, speeding into the intersection whose traffic flow has your car crawling along at 10 mph. You watch helplessly – there’s nothing you can do and no place to go because you are blocked in on all sides – as the speeding vehicle takes aim at the right-hand side of your 2016 VW Passat.
Suddenly, time seems to slow to a crawl as the vehicle, a 2012 Jeep Grand Cherokee, powers straight for your VW. Things take on an eerie time-lapse quality as the SUV lurches toward your sedan. However, before you know it, there’s the crunching sound of metal-on-metal as the front end of the SUV tears into your VW.
Crashes Need Reporting System
Next, the entangled vehicles pirouette around as your sedan absorbs the brunt of the force. The direction is a response to the angle at which the SUV hit the side of your vehicle. The pirouetting vehicles quickly separate, losing momentum as they come to rest. Now, you look out of your wrecked car and see there have been injuries; the authorities have to be called.
Keeping your wits about you dial 911, only to hear a busy signal, so you hit redial, and the emergency response line remains busy and you punch it again, and it goes on and on; there’s no way to break through the wall of busy that encloses the 911 system.
Does this sound farfetched and a bit over the top? It’s not as a report that appeared this week in most major media outlets discussed a report by an Israeli research team that points out how a 911 blackout might be achieved. It’s a nightmarish recipe:
Take 6,000 already-hacked smartphones (most smartphones have tons of malware already installed, though most people don’t know it), program a black app to launch the attack and there goes the 911 system. With constant calls and redials, chaos would rapidly ensue as system grinds to a halt with no calls getting through. Think of what this would mean for you.
Take the accident story that was shared above. If there was no way to get to 911 and the crash occurred in the middle of nowhere, then the chances are better than even that if significant injuries involved the folks who were hurt, they could quickly be facing very profound – life-threatening -- issues as delays in getting assistance mounted to the breaking point. The breaking point here being the point where someone succumbs to an injury.
Nightmare Scenario That Could Happen
Do you suppose this couldn’t happen? The report by researchers from Israel’s Ben Gurion University paints a grim picture of what might happen if a dedicated group of hackers decided to take down the 911 system. It is a system whose importance is underscored by the fact that the Department of Homeland Security (DHS), the National Highway Traffic Safety Administration (NHTSA)’s Emergency Medical Division and others consider the 911 system a critical piece of infrastructure.
Indeed it is essential, especially for motorists. According to statistics gathered in 2014, the most recent year for which statistics are available, 240 million calls are made to the 911 emergency response system every year. Of that number, 70 percent of 168 million are made from cellular phones or smartphones with access to mobile networks. Given the numbers of phone calls placed and the reliance, drivers have on it; the 911 system must remain operational in the face of all odds.
Imagine what would happen if, in the incident described above, if you couldn’t get police or fire or other emergency response to your site. Instead, the only thing you are getting is a busy signal because a hacker group has compromised a number of phones and has them continually calling a 911 system. That type of attack is known as a distributed denial of service or DDOS attack. The purpose is to close down access to the network under attack. Indeed, the Ben Gurion research team, Mordechai Guri, Yisroel Mirsky and Yuval Elovici, say a network of 6,000 hacked smartphones could effectively foreclose service in a state the size of North Carolina. Their research paper, in fact, uses North Carolina as the basis for their recommendations.
The researchers believe that since there is so much malware already out there installed on smartphones that it may only be a matter of time before someone does the unthinkable. The researchers have shared this information with DHS. DHS has also warned of the potential dangers of a DDOS attack.
It might seem easy to think that blocking such an attack would be easy. However, it is not the case because of the older mix of technologies involved in the 911 system. There is no standardization as would be the case in a nationally backed system. States and localities operate 911 and E911 systems. Their systems are based on older analog switch technology which only recognizes calls coming in and doesn’t differentiate between the types. This means that a network of thousands of hacked phones could throw up enough noise at a 911 system to bring it down.
Strong Actions Needed Now
Experts state it will take a significant effort to modernize and standardize 911 systems. It will take an enormous amount of commitment and an investment of billions to make a hack-proof 911 system happens. It will require massive hardware and software changes as well as an investment in IP networks to make this happen.
Meantime, that still leaves the average motorist at the mercy of a system over which he or she has no direct control. Yes, cellphones and smartphones have access to these networks, but there’s no way to control what’s coming. That’s why it is giving many pause about or near absolute reliance on an emergency communication system that is so vulnerable. It is something that should have every motorist thinking, thinking quite hard indeed.