NextGen 911 and the Future of Emergency Management
Almost every emergency response begins with a call to 911, and states have begun the process of modernizing the current outdated call-center answering infrastructure with a digital upgrade. NextGen 911 (NG911) is the modernization initiative states are implementing to better facilitate emergency response.
In the NG911 environment, the large telecom companies in charge of maintaining the 911 answering system (AT&T and Motorola) computerize the process, routing calls through an emergency services IP network (ESInet) instead of the currently used call centers. Ideally, computerizing the system reduces the likelihood that calls will go unanswered, either because a system is inundated with too much incoming network traffic or because the resources are not available to handle the calls. But defending a computerized system against cyberattacks is no simple task.
Of course, significant attention is being paid to security and reliability during testing and integration of the new system, but unfortunately, as is the nature of cyberattacks, understanding how to defend against attacks often happens after a disaster has already occurred.
The good news is that the ESInet is a closed-circuit system, meaning outside access is restricted and incoming traffic is limited to incoming 911 emergency calls. Additionally, overwhelming a computer is much more difficult than overwhelming a telephone line. That said, whether a telephony denial of service (TDoS) attack could render a NG911 response center inoperable remains to be seen. Additionally, because NG911 centers are maintained by telecom companies, whether a cybercriminal or terrorist could hack into AT&T, Motorola or whichever telecom company has that jurisdiction’s contract and shut down the answering service also is an unanswered question. The diligence and methodical testing and monitoring of these systems, as well as the cybersecurity practices of the telecom companies themselves, is a very good indicator that shutting down the NG911 infrastructure would be extremely difficult—but of course, not foolproof.
Even further, because of the way emergency managers integrate abandonment and special events routing into the NG911 system, incorporating hierarchical dissemination of calls if the system determines an answering center is unresponsive, the sophistication of an attack capable of shutting down the entirety of a state’s NG911 system would have to be exceptionally complex, even if a single center was able to be taken offline. None of this is to say such an attack is impossible, but the safeguards in place to protect against outside threats should be reassuring to the public.
Third-party hacks are a persistent threat and cyberattacks are becoming consistently more complex. The importance of prioritizing strong defenses and diligent system monitoring cannot be overstated. The computerization of goods and services is inevitable, and there will be devastating consequences if systems like these are not adequately protected. Thankfully, there are dedicated, passionate individuals determined to keep others safe despite any new vulnerabilities that may arise. The ability to disturb and disrupt incoming emergency calls is nothing new, and the extent to which computerizing the process eliminates more issues than it creates is unknown. Likewise, the extent to which a computerized system becomes a more (or less) appealing target is also unknown. NG911 will fundamentally change how emergency calls are received and responded to, which is why we need to make sure securing the system is a top priority.
For now, as a general best practice, I’d advise saving the number of your local police station, firehouse and hospital (EMT) in your phone, just in case getting through to 911 is difficult. Also, make sure your own devices are secured with current security updates to prevent a hacker from compromising you or recruiting your tech into a botnet for nefarious purposes.
