Authorities have not yet identified the type of attack. While it’s theoretically possible to organize an all-human calling campaign against the emergency call centers, these attacks appear likely to be computer-generated via Internet-connected voice services, cybersecurity experts say.
The TDoS attacks are part of an extortion scheme, federal authorities say. It begins with a phone call to a call center from an individual claiming to represent a collections company for payday loans. The caller “usually has a strong accent of some sort and asks to speak with a current or former employee concerning an outstanding debt,” the March alert said. The person with the accent demands payment of $5,000 from the call center because of default by the employee, who either no longer works at the PSAP or never did, authorities say.
If nobody pays the requested $5,000, the person then launches a TDoS attack. Typically, the PSAPs being targeted are then swamped by a continuous stream of calls that goes on for hours, blocking incoming and outgoing calls.
While the phone attack may stop for several hours, it has also resumed. Government offices and emergency services are “targeted” because functional phone lines are a necessity, authorities say.
There are more than 6,000 PSAPs nationwide. Attacks that have delayed or blocked emergency help at the affected PSAPs could cause deaths by blocking medical crews from reaching victims, cybersecurity experts say.
The attacks appear to be part of a three-year trend among cybercriminals that specialize in distributed denial-of-service (DDoS) extortion attacks over the Internet against business websites. These individuals threaten to block customers from reaching the businesses unless the companies pay.
Behind the trend is a confluence of increasing malware sophistication and one-stop shopping for cybercriminal services. Such services, researchers report, are advertised on some black-market Internet forums. They offer to bombard telephone lines for $5 per hour, $20 for 10 hours, or $40 a day.