Hacking 911: Is the Genie out of the Bottle?

For many years a level of frailty has existed in the nation’s 911 network and its primary level of protection has been “security through obscurity“. The configuration of the network and details of its inner workings were not documented, at least not publicly, and only a relatively small group of people understood the actual operations. With modern-day communications, social media, and the growingly popular hacker community events it was only a matter of time before the proverbial ‘genie’ was let out of its bottle. Information on hacking 911 networks and systems going mainstream with it.

Certainly one of the oldest hacker conventions on the planet, and by far the largest, is the DEF CON event held in Las Vegas. 2014 marked the 22nd year of this event, but it also had some significance to the public safety community. You see, it was on Saturday, August 10 at the 10 AM Track 2 session where Christian Dameff, MD (@CDameffMD )and Jeff Tully, MD (@jefftullymd) openly discuss the archaic nature of the 911 dispatch system and its failure to evolve with technology over recent years. In addition to being recently graduated medical doctors they are both DEF CON regulars and described themselves as “researchers with a passion for the intersection between security and healthcare”.

One of the things they noticed is that quite often when 911 recordings are released to the public they include DTMF tones that can be decoded. This could unintentionally expose information about the caller as well as the agency, which in turn could be used in a denial of service attack.

Based on this I would expect to see new NENA and APCO recommendations to public safety agencies that redacted these tones on future distributions of 911 call audio. Which would be a huge step in the direction of protecting the skimming of this sensitive information.

For the past several years in my Avaya CONNECTED Blog, I’ve been covering the various SWATTING attacks that have plagued public safety agencies large and small. Fortunately, most of those incidents have utilized relatively rudimentary tactics that included social engineering of a relay service operator who provides service designed for the deaf and hearing impaired. Many times those attempts will leave trace elements behind, and with tenacious investigation efforts many times the executors of those crimes are found, prosecuted, and sentenced.

Hacking the telephone network is certainly nothing new. Whether it was the “blue box” built by Steve Wozniak, or the Cap’nCrunch whistle used by John Draperthat could be modified to emit a perfect 2600 Hz tone (effectively putting the nation’s long-distance network at your beck and call), hacking has been an active pastime of many of the great innovators today.

Its original use was to bypass the incredibly high toll charges we were subject to by the telephone company for long-distance and international calls. Phone phreaking went mainstream when the story was published in the October 1971 issue of Esquire Magazine. A copy of that article is available online here.

While phreaking has all but died out, since toll fraud is no longer popular thanks to flat rate cellular plans and unlimited home phone long distance available for unbelievably low rates, phone “phreaking” took on a more sinister nature.

Will the recent Wired article have the same impact on hacking E911 that the Esquire article had on hacking telecommunications? While that’s yet to be seen, the potential impact is certainly much more dire, and that is something Public Safety needs to consider.

Follow me on Twitter @Fletch911

Read my other AVAYA CONNECTED Blogs

Mark J. Fletcher, ENP is the Chief Architect for Worldwide Public Safety Solutions at Avaya. As a seasoned professional with nearly 30 years of service, he provides the strategic roadmap and direction of Next Generation Emergency Services in both the Enterprise and Government portfolios at Avaya. In 2014, Fletcher was made a member of the NENA Institute Board in the US, and co-chair of the EENA NG112 Committee in the EU, where he provides insight to State and Federal legislators globally driving forward both innovation and compliance.

What was Behind the Massive E911 Outages in the Pacific Northwest?

(Express-Times photo (2010))

As we move towards IP-enabled emergency services networks in the United States, we supposedly leave behind an archaic, TDM-based, hardwired point-to-point infrastructure with a new, resilient architecture that is easily rerouted around a failed segment. But exactly what happened in the Pacific Northwest when a supposedly planned maintenance event took out communications across a two-state area?

The immediate reaction by many was disbelief. After all, haven’t we learned our lesson in diversity and single points of failure with the massive outages in the Northeast from hurricane Sandy?

Nonetheless, the incident did happen, and for nearly 6 hours most — if not all — of 911 was off the air, stranding a reported 4,500 callers who needed assistance, according to a report from KIRO-TV.

As a professional in the public safety communications business, what I find slightly insulting are statements that make it into the press such as: “caused by an isolated system issue that was promptly resolved after root cause identification.”

While the term “promptly resolved” may be reassuring to the general public, the qualifier of, “after root cause identification” is the more troubling piece of information.

I can only imagine my daughter pulling into the driveway telling me that she had a flat tire, but she “promptly changed it, as soon as she realized it was flat” only then to realize that it took her six hours to realize she had a flat tire, hence the smoking, mangled wheel in the trunk of the car.

One of the areas of caution for public safety communications officials is going to be the monitoring of systems, and their interaction with the overall network. This is a significant point that needs to be taken under serious consideration when building and designing next-generation emergency services networks.

Public safety has always operated behind a closed curtain, taking the stance that important life-safety work was happening, therefore they should not be hampered by rules and policies that could affect their important mission.

But one area that has to be acknowledged is that commercial networks have come of age and have learned from previous events that include natural disasters, DDoS attacks, and direct attacks by some of the best hackers on the planet. The very resiliency and reliability that they demand to perform their mission critical life safety function is the identical resiliency and reliability that the world’s largest financial institutions demand to protect their data, as well as their customers.

When we sit back and look at the functionality that “Next Generation 911″ will bring into the public safety workspace, it is the world-class multi-modal, multi-channel functionality we have been delivering to commercial entities for decades.

Communications is an app on the network. Inbound and outbound communications events are easily coordinated and managed based on specific criteria. The age-old adage of routing a caller to a resource with close proximity to them only makes sense when there isn’t a large scale massive event taking place.

At the recent FCC workshop discussing the transition of 911, NENA’s Trey Forgety brought up the very relevant point that during a massive emergency event, the best place for the Public Safety Answering Point (PSAP) may be in the back of a hardened vehicle that is driving away from the emergency to an area where they will be safe and can establish a new fixed operational base.

While that’s an excellent plan, it requires a whole new method of thinking and engineering.

I often remind the engineers I work with that an Internet Protocol (IP) session does not mean we’re putting information on the “Internet”. It means that were using the Internet protocol — a network of network — to route information from node to node.

Under normal sunny-day conditions, that IP-based network may very well remain within the walled garden of an agency’s network. But when an emergent condition exists at the time of a disaster, we need to be able to dynamically open gateways to specific paths within the garden that are accessible from the outside. Of course in doing so, the highest level of security needs to be considered and implemented.

I believe that what has yet to be developed, or has not been developed enough, is the technical acumen of networking technology by public safety specialists. As I sit back and think, I can almost count on a single hand the number of people that I would feel comfortable with designing modern IP-based critical communications environments.

When I’m asked what value Avaya brings to the public safety table, I talk about our decades of resilient, reliable, redundant communications, and keeping the proverbial “lights on” in some of the most dire events of the past few decades. As examples, I again look to our large financial and commercial contact center customers who have worked their way through 9/11, massive blackouts across the Northeast, and as the newly coined Derecho and Blizzards on the planet.

Be sure to join me on April 22 for a free webinar sponsored by our good friends at Smart 911 and Rave Mobile Safety. I’ll be joined by Todd Piatt from Rave, and Bill Schrier (@BillSchrier) who is with the State of Washington office of the CTO, where will be discussing NG9-1-1 / First Net in the changing role of 911.

I will also be kicking off the 2014 series of the Public Safety Best Practices Forum at the Embassy Suites Hotel at the Seattle Tacoma International Airport in Washington on Thursday, April 24, where I will be joined by Patrick Botz from Voice Print International, Inc., and other industry colleagues. If you are in the Seattle-Tacoma area and want more information you can go to http://psapforum.com/Seattle.

Want more technology, news and information from Avaya? Be sure to check out the Avaya Podcast Network landing page athttp://avaya.com/APN. There, you will find additional podcasts from industry events, such as Avaya Evolutions and INTEROP, as well as other informative series by the APN staff.

Thanks for stopping by and reading the Avaya Connected blog on E911. I value your opinions, so please feel free to comment below or, if you prefer, you can email me privately.

Follow me on Twitter @Fletch911

Read my other AVAYA CONNECTED Blogs

Mark J. Fletcher, ENP is the Chief Architect for Worldwide Public Safety Solutions at Avaya. As a seasoned professional with nearly 30 years of service, he provides the strategic roadmap and direction of Next Generation Emergency Services in both the Enterprise and Government portfolios at Avaya. In 2014, Fletcher was made a member of the NENA Institute Board in the US, and co-chair of the EENA NG112 Committee in the EU, where he provides insight to State and Federal legislators globally driving forward both innovation and compliance.

E911 Big Data – The Next Horizon

Screenshot 2015-10-25 13.57.05

As we wrap up the events of 2012, I can’t help but look back on the fast-paced evolution that is taken place in the Public Safety industry. In the beginning of the year, NG911 was officially conceived when it was promulgated by the Next Generation 911 Advancement Act of 2012 that was part of the Middle Class Tax Relief and Job Creation Act signed into law by the President in February.

By strange coincidence, just nine short months later, NG911 networks are being born around North America with texting to 911 being touted in several areas around the country. With these new emergency services networks being built, and ready to accept the extremely important “additional data” objects that originating networks can easily provide, the days of matching telephone numbers with street addresses in some archaic database that cannot be efficiently and affordably updated, are quickly going to enter their sunset phase.

Some naysayers said it would never happen, or be years into the future, and banked on the continuance of the overburdened backend architecture of the legacy 911 network. Others, took a completely different tact and turned to technology that was not necessarily innovative in its nature, but completely new to public safety networks. New mechanisms of dealing with the “Big Data” available in an emergency situation required a new way of thinking that was essentially foreign to this environment. Fortunately, enterprise businesses have been dealing with the concepts of “Big Data”, whether they knew it or not, since corporate networks came into existence.

“Your call will be answered in the exact order it was received”
Whoever came up with that concept had a very myopic view on business trends.

Unless you are a radio station giving away tickets to the latest concert, “the exact order in which your call was received” is probably the most useless business strategy when dealing with customers. Public Safety also has its share of customers, however those customers are usually calling with life-threatening issues. It’s easy to understand, how in the past, choosing the most important phone call out of a group of 10 would be nearly impossible. All of the buttons on the telephone flash at the same rate, and the ringer on the phone for each line is identical.

There is no indicator that is able to say “Hey! I am more important than the rest!” Given that scenario, potentially the fairest mechanism was “your call will be answered in the exact order it was received”.

Think about that for a second. That argument is really no longer valid, as the business world is full of analytical research. Businesses act a certain way based on statistical data that’s available. It could be consumer shopping habits around a holiday, web browser history and associated keywords, or just about anything else that’s measurable or recordable.

“Your NG911 call will be answered according to priority”
Here’s where the value of additional data, and Big Data, come into play. A classic example that’s commonly used when talking about intelligent call routing in an NG 911 environment is, a motor vehicle accident on the highway is generating 10 or more simultaneous calls into a single PSAP. These calls are identified based on two things. First, their origination network is the cellular network. Secondly the geodetic coordinates of the device match the coordinates of a motor vehicle accident already being worked.

Assumption:  Callers 2 through 10 are most likely calling about the motor vehicle accident. If there are no additional calls in queue, these can be answered “in the exact order in which they were received” following the legacy standards already in place.

But, caller 11 shows up in the queue, and is originating from a landline telephone registered to a residence across town.

Assumption: Caller 11 is most likely NOT calling about the known motor vehicle accident, and therefore is escalated in the queue, or assigned to a call taker who has been reserved for when these conditions have been met.

Those of you who operate enterprise call centers, can already see the pattern developing here. While legacy public safety vendors are busy spinning their wheels trying to figure out how to deliver multimedia sessions to emergency call takers, folks like Avaya have figured that out years ago, and in many cases pretty much invented the call handling functionality, or at least were the first to implement it.

It’s called workforce optimization or WFO, and it’s a common function found within the contact center products. We already know how to deal with “Big Data”, analyze it, and use it to efficiently route to call taker resources in large multisite networks. Although some may say calling a large retailer to complain about your refrigerator delivery carries nowhere near the urgency or resiliency required for public safety, and while I agree there is a significant difference in the nature of the calls, I also need to remind you of some simple facts.

Most recently during hurricane Sandy in the Northeast, the utilities infrastructure was badly damaged with countless individuals out of service. For those citizens who had emergencies, in many cases those calls went to fast busy or unanswered as the legacy 911 network became oversubscribed and the calls went into a black hole “in the exact order they were received”. On the other hand, if you called Delta Airlines to find out if your flight was delayed, you were routed to a resource that could provide you with information or assistance. You might also be able to call your power provider, and based on your customer profile, you may be presented with a power restoration estimate.

The bottom line is that intelligent call handling, offloading calls that matched a particular pattern, and looking at the “Big Data” associated with sessions, the network can dynamically fine tune it’s routing functionality to ensure that “Your call will be routed to the Best Resource, in the exact order in which it was received.”

While doing some research on this topic, I ran across a great article by colleague of mine, Kathy McMahon, who was the Technical Services Manager for APCO International. If you are looking for a nice read on the topic of GIS, take a look at her article from 2010 in Law Officer HERE.

Of course, getting that data into the Emergency Services IP Network is required, but fortunately the one thing we have understood for several years, is how to share data and collaborate across disparate networks in a secure and resilient manner.

She also confirms a point that I also feel very strongly about:
“[although] the conventional concept of civic address validation will continue to be used for NG9-1-1. The terms ANI, ALI and MSAG will go away because their functions will be replaced by GIS databases and a new location validation function (LVF). The GIS data, once validated, will provide location information that will be used for routing emergency calls to PSAPs. All of these elements working together will form the new emergency call routing function (ECRF) that’s a critical component of NG9-1-1.”

My crystal ball says in 2013 “the NG911 adoption rate will be unprecedented in both speed and reach and in addition to Public Safety NG911 ESInet deployments across the US, you will see Enterprise networks providing Big Data to this new eco-system of information.”

Follow me on Twitter @Fletch911

Read my other AVAYA CONNECTED Blogs

Mark J. Fletcher, ENP is the Chief Architect for Worldwide Public Safety Solutions at Avaya. As a seasoned professional with nearly 30 years of service, he provides the strategic roadmap and direction of Next Generation Emergency Services in both the Enterprise and Government portfolios at Avaya. In 2014, Fletcher was made a member of the NENA Institute Board in the US, and co-chair of the EENA NG112 Committee in the EU, where he provides insight to State and Federal legislators globally driving forward both innovation and compliance.

WordPress.com.

Up ↑