“911” Ring. Ring. Ring. Ring….
It’s easy to take for granted. You pick up a phone, punch a few buttons, and then someone’s there to help you in a time of great need, maybe even life or death.
It’s the emergency response phone system. Often called 911 in America. Although, it goes by other names; check out this list for emergency numbers in other countries.
A few months ago, this entire infrastructure was as risk. It wasn’t because of a huge government hack. Nor was it because a some lay about IT person, not standing guard. No, this hack happened at the endpoint, the end user. And the thing that almost crippled a national public safety system? A viral tweet.
In 1938, Orson Welles brought his novel War of the Worlds to the radio in a broadcast that forever changed the elevation between media and entertainment. What was intended to be an entertaining show for the listeners, ended up creating havoc as people believed the alien invasion was real. The viral incident created mass panic as people contacted the authorities and tried to evacuate to safety. This all happened before 911 even existed…
The hysteria that such a viral event can cause is all too real. The structure and discipline of public safety is even more vital as it’s built to withstand mass incidents. It, above all else, should endure. It is through emergency phone systems that the help is dispatched and guided to the people in need. Imagine if this type of incident were to take place and your calls for help were met with busy signals…or even simply incessant ringing.
The viral tweet may have caused a few calltakers to become hysterical as the volume of their call centers suddenly became unmanageable. However, it did not create mass hysteria. It actually happened somewhat quietly. The call centers and responding agencies certainly noticed, but the rest of the nation was largely unphased.
Stay on the line.
On October 25, 2016, and lasting for about 12 hours, dozens of 911 call centers across the US were inundated with calls. The calls simply would not quit. There was no mass incident, no terror attack, or sudden hysteria. It was the result of tweet with a short link. The link held code that would hack the user’s phone and send it into a loop dialing and redialing 911.
911 centers throughout the country, including Arizona, Washington, and Florida, we flooded with calls. When calltakers answered the line, there was no one there. The user that suffered from this hacked phone bot could try to hangup or cancel the call, but the phone would continue. The only way to stop the hack was to power down the phone.
This hack only affected iPhones. Other smartphone OS’s were not vulnerable to the coded takeover.
It’s estimated that over half a million people saw this tweet, and it was clicked over 100,000 times. That’s a possible 100,000 phones that flooded their local 911s, 911s that might not be equipped to handle more than a few calls at a time, thus crippling their ability to handle any real emergencies.
The tweet was traced back to a twitter user @SundayGavin, and the code in the link was further traced to a teenage programmer in Arizona. Both admit to not considering the affect this would have on public safety.
Apple promises to update their iOS to fix this vulnerability.