Telephony Denial of Service attacks against 911 call centers.
Please reference the below resources for further explanation of Telephony Denial of Service (TDoS) attacks. In short, they are an automated or coordinated manual attack against 911 infrastructure designed to flood call centers’ voice lines, rendering them unable to respond to or make legitimate calls.
What can we do?
The Center for Internet Security (CIS) recommends the following:
- Partnership with Telecom carriers to understand their blocking and filtering capabilities.
- Remind employees to practice good security procedures and not disclose personal or organizational information to the callers.
- Develop a plan to record malicious calls.
- Ensure a secondary means of communication like Text to 9-1-1.
- Limit the number of phones the attacked number rings on.
- Segment and diversify voice infrastructure to different PRI, SIP trunks, VoIP routers or PBX.
- Note if the call appears to originate from a legitimate source. Sometimes victims of attacks can have their calls routed to other victims to create a “party line” attack. Report this to other victims and be prepared to combine resources to track attacks.
The FBI recently released an article with similar info: https://www.ic3.gov/Media/Y2021/PSA210217.