For many years a level of frailty has existed in the nation’s 911 network and its primary level of protection has been “security through obscurity“. The configuration of the network and details of its inner workings were not documented, at least not publicly, and only a relatively small group of people understood the actual operations. With modern-day communications, social media, and the growingly popular hacker community events it was only a matter of time before the proverbial ‘genie’ was let out of its bottle. Information on hacking 911 networks and systems going mainstream with it.
Certainly one of the oldest hacker conventions on the planet, and by far the largest, is the DEF CON event held in Las Vegas. 2014 marked the 22nd year of this event, but it also had some significance to the public safety community. You see, it was on Saturday, August 10 at the 10 AM Track 2 session where Christian Dameff, MD (@CDameffMD )and Jeff Tully, MD (@jefftullymd) openly discuss the archaic nature of the 911 dispatch system and its failure to evolve with technology over recent years. In addition to being recently graduated medical doctors they are both DEF CON regulars and described themselves as “researchers with a passion for the intersection between security and healthcare”.
One of the things they noticed is that quite often when 911 recordings are released to the public they include DTMF tones that can be decoded. This could unintentionally expose information about the caller as well as the agency, which in turn could be used in a denial of service attack.
Based on this I would expect to see new NENA and APCO recommendations to public safety agencies that redacted these tones on future distributions of 911 call audio. Which would be a huge step in the direction of protecting the skimming of this sensitive information.
For the past several years in my Avaya CONNECTED Blog, I’ve been covering the various SWATTING attacks that have plagued public safety agencies large and small. Fortunately, most of those incidents have utilized relatively rudimentary tactics that included social engineering of a relay service operator who provides service designed for the deaf and hearing impaired. Many times those attempts will leave trace elements behind, and with tenacious investigation efforts many times the executors of those crimes are found, prosecuted, and sentenced.
Hacking the telephone network is certainly nothing new. Whether it was the “blue box” built by Steve Wozniak, or the Cap’nCrunch whistle used by John Draperthat could be modified to emit a perfect 2600 Hz tone (effectively putting the nation’s long-distance network at your beck and call), hacking has been an active pastime of many of the great innovators today.
Its original use was to bypass the incredibly high toll charges we were subject to by the telephone company for long-distance and international calls. Phone phreaking went mainstream when the story was published in the October 1971 issue of Esquire Magazine. A copy of that article is available online here.
While phreaking has all but died out, since toll fraud is no longer popular thanks to flat rate cellular plans and unlimited home phone long distance available for unbelievably low rates, phone “phreaking” took on a more sinister nature.
Will the recent Wired article have the same impact on hacking E911 that the Esquire article had on hacking telecommunications? While that’s yet to be seen, the potential impact is certainly much more dire, and that is something Public Safety needs to consider.
Mark J. Fletcher, ENP is the Chief Architect for Worldwide Public Safety Solutions at Avaya. As a seasoned professional with nearly 30 years of service, he provides the strategic roadmap and direction of Next Generation Emergency Services in both the Enterprise and Government portfolios at Avaya. In 2014, Fletcher was made a member of the NENA Institute Board in the US, and co-chair of the EENA NG112 Committee in the EU, where he provides insight to State and Federal legislators globally driving forward both innovation and compliance.