TDOS: A Threat To Emergency Communication

Written by KOVA Corp

TDOS (Telephony Denial of Service) is an ongoing threat to basic public safety communications. Information gathered from a multitude of jurisdictions continues to show that this kind of an attack remains a serious threat to public safety.

Perpetrators identify a network and then flood it with incoming calls, tying up the network and blocking any emergency calls going through to dispatchers. To date, over 200 TDOS attacks have been conformed.

A checklist has been created through the cooperation of Federal authorities, commercial service providers, and local and state public safety representatives in order to facilitate the formation of continuity of operations plans in the event of an attack.

Before An Attack

Preliminary work is essential to successfully coping with an attack.

1. Contact your service provider and discuss how best to respond to a TDOS attack. Be sure to include all service providers and emergency communications vendors in this discussion.

2. Make sure public safety communicators have direct access to the service provider’s response team for a TDOS.

3. Discuss with your telephone systems engineer to find ways to protect your system from attack. Configuration adjustments might be able to shield critical lines from administrative and other lines – by preventing a landslide of calls from overloading non-critical lines and rolling them over to 9-1-1 emergency operators.

4. Remind and reassure telephone operators that if they are attacked, it is not their fault. Be sure to caution them against revealing any personal information in an attack. A sophisticated criminal enterprise, a TDOS attack can result in identity theft.

During An Attack

"1. Save the voice recording of suspects who may call before, during or after the TDOS events.

2. Record all phone numbers and account information, if the caller is demanding payment(s):

i.    Start and stop times of the events

ii.   number of calls per hour or per day

iii.  phone numbers and other ANI/ALI information of the incoming calls

iv.   IP addresses if applicable

v.    Any instructions for how to pay, such as account number, call-back phone number, etc.

3.  Retain all call logs and IP logs.

4.  Attempt to separate the affected phone number from 9-1-1 and other critical trunks – work with your PBX provider/maintainer.”

After An Attack

1. As soon as possible, a complaint should be filed

  • With the Internet Crime Complaint Center. The Center is the fruit of collaboration between the FBI and the National White Collar Crime Association.
  • When filing a complaint, be use to use the key words TDOS, PSAP, and Public Safety in the description.
  • With your local police department or sheriff’s office.

If law enforcement is unsure of how to proceed, they can contact the FBI, the FCC, the FTA (Federal Trade Association), or the Department of Homeland Security to obtain resources to aid their investigation.

2. Mark for retention all call or IP logs.

TDOS is a very real threat to public safety. Preparing for an attack can help ensure that disruptions are contained as much as possible, and 9-1-1 operations are not completely disrupted. It is advisable that 9-1-1 call centers and PSAPs share this information with other public safety institutions, such as ambulance services, hospitals. etc.

 

Is Your Organization Ready to Optimize their Public Safety Systems?

eyeusers