America’s 911 emergency system, a critical lifeline for millions of citizens, faces an escalating cybersecurity crisis that threatens public safety on an unprecedented scale. As emergency communication centers transition to Next Generation 911 (NG911) systems, they’re becoming increasingly vulnerable to sophisticated cyber-attacks that can paralyze emergency services when communities need them most. Many conversations have revolved around NG911, when will we be “there”? The simple answer is never. Because NG911 is always evolving and changing, and transforming. We will always be reaching for growth with new technologies, but with that growth comes challenges.
The Digital Transformation Challenge
The evolution from traditional analog phone systems to internet-based NG911 networks has revolutionized emergency response capabilities. These modern systems enable citizens to send text messages, images, and videos to 911 centers, providing dispatchers with richer information to coordinate emergency responses. However, this digital transformation has created new attack vectors that malicious actors are actively exploiting.
While some Public Safety Answering Points (PSAPs) have the advantage of having dedicated fiber for connectivity, many now operate on Internet Protocol (IP) platforms that connect them to the same networks used for everyday internet traffic. While this connectivity enhances operational capabilities, it also exposes these critical systems to the same cyber threats that plague other internet-connected infrastructure.
Primary Cyber Threats for PSAPs to be aware of:
Distributed Denial of Service (DDoS) attacks represent the most immediate threat to 911 operations. These attacks flood emergency centers with massive volumes of fake calls or data traffic, overwhelming servers and preventing legitimate emergency calls from reaching dispatchers. Research has shown that as few as 6,000 compromised smartphones can generate enough malicious traffic to shut down 911 services across an entire state. https://www.helpnetsecurity.com/2020/03/13/ddos-911/.
Telephony Denial of Service (TDoS) attacks specifically target phone systems, using automated dialers to bombard 911 centers with thousands of fake emergency calls. During such attacks, legitimate callers experience busy signals or extended wait times, potentially delaying critical emergency response.
Ransomware attacks pose another severe threat, with cybercriminals encrypting vital PSAP systems and demanding payment for restoration. These attacks can completely halt 911 operations, forcing emergency centers to rely on backup systems or manual processes that significantly slow response times.
Data breaches represent a growing concern as NG911 systems handle increasingly sensitive information, including precise caller locations, personal details, and potentially graphic emergency footage. Compromised data can lead to privacy violations and identity theft, while also undermining public trust in emergency services.
Real-World Impact
The Department of Homeland Security has identified emergency services as increasingly likely targets for cyberattacks, with threat actors recognizing the critical nature of these systems. Recent surveys indicate that 911 centers are experiencing rising stress from system failures and cyberattacks, creating additional strain on already overburdened emergency response infrastructure.
The vulnerability of 911 systems extends beyond individual PSAPs. Modern emergency response relies on interconnected networks that share data between multiple agencies and jurisdictions. A successful attack on one center can potentially cascade through the entire regional emergency response network.
The Path Forward
Addressing these cybersecurity challenges requires a multi-layered approach combining technological solutions, staff training, and regulatory frameworks. Emergency centers must implement robust cybersecurity measures while maintaining the rapid response capabilities that define effective emergency services. Some agencies have approached the challenge with staff training by banning Internet access. Others have increased awareness through training and implementing scenario suspicious emails as part of a full-fledged program. Still, when the Internet is tied in with critical systems such as CAD, phones or radios, one wrong click on an Internet site can introduce a variety of viruses and cyber threats to the entire system.
As cyber threats continue to evolve, protecting America’s 911 infrastructure has become not just a technical challenge, but a critical national security imperative.
For each of these primary cyber threats listed, there are approved ways to stop the threat immediately when it is recognized or prevented before it occurs. Check with your local provider or contact us if you are unsure what to do, and we will assist you in helping keep your PSAP safe.