NBC News discusses denial-of-service attacks against 911 call centers across the country:
The Next Generation 911 systems will have advanced security baked into their foundations, including the ability to instantly identify suspicious activity, immediately shut down in response to intrusions, and simultaneously move incoming calls to other centers in a way that is undetectable to someone dialing for help, officials say.
But the increased connectivity also opens the modern systems to new potential modes of attack, experts say. No matter how sophisticated a defense, all it takes is one overlooked vulnerability to let hackers in, experts say.
That makes it essential to develop sophisticated defense systems run by in-house cybersecurity teams, they say.
In Baltimore’s case, the ransomware attack was discovered and repelled by Baltimore City Information Technology, which maintains defenses across the local government. It determined that the hackers had found access after a technician troubleshooting the computer-aided dispatch system made a change to a firewall and mistakenly left an opening, the city’s chief information officer, Frank Johnson, said in a statement. The FBI is now helping the city investigate.
Howard, in Tennessee, knows how his attacker obtained access to the 911 center — by finding a weak password left by a deceased former system administrator. The FBI told him it looked as if the attack came from Russia. But he still isn’t sure.
The December 2015 attack against a Ukrainian power company, which left over 230,000 people without power for up to six hours, experienced a call center denial-of-service. The attackers purposely targeted the support desk to confuse operators, so they would remain unaware their customers were experiencing an outage. It is a smart tactic from an offensive perspective, and likely a technique most groups will increasingly use in the future. Citizens need to be made aware this is a possibility, especially with Russia targeting the US power grid and other critical infrastructure.
Frankly I am surprised it has taken so long for these attack types to become mainstream news. Nation state attackers will use any means necessary to achieve their goals. Every available technique and tool in their arsenal will be used, and often times they come in shapes we do not normally associate with what is generally considered a traditional cyber attack.
That I even used that phrase – traditional cyber attack – demonstrates a certain level of expectation in cyber warfare. While there are to-date a number of traditional models, cyber attacks do not follow normal kinetic attack patterns. This is not necessarily only because cyber is ethereal, but also because of its infancy, and the sheer number and scale of attack vectors. As cyber warfare continues to age there will be a greater understanding of the techniques, the targets, their effectiveness, and the strategies used by sophisticated nation state actors.