Slashdot Mirror
Teenager Accidentally Launches DDoS Attack On 911 Systems (softpedia.com)
A Phoenix teenager mistakenly tweeted a link to JavaScript exploit which forced iOS devices to automatically dial and re-dial 911. An anonymous reader quotes Softpedia:
The teenager created several weaponized versions of this bug which would constantly dial a phone number, or show annoying popups. The teenager says he wanted to prank his friends, thinking it would be "funny," but when he shared the weaponized link online, he shared a version that instead of showing annoying popups, redialed a phone number, which in this case was 911.
In September researchers calculated just 6,000 smartphones can take down an entire state's 911 system, while more than 1,849 people clicked on this link, according to the article. Sheriff Joe Arpaio's office searched the teenager's home -- "several items were seized" -- and they've charged him with three felony counts for computer tampering.
In September researchers calculated just 6,000 smartphones can take down an entire state's 911 system, while more than 1,849 people clicked on this link, according to the article. Sheriff Joe Arpaio's office searched the teenager's home -- "several items were seized" -- and they've charged him with three felony counts for computer tampering.
I always felt that one question that should be asked is it is worth jailing this person for three felonies worth? With prison costs of $60K a year I don't think it's worth this much taxpayer money unless someone actually got hurt. Make him agree not to do it again, give him probation and community service, and threaten to not be so nice next time should someone else duplicate this.
It's not so much that it 'crashes' 9-11, it simply ties up all the available operators so there won't be anyone available to answer the *real* emergency call coming in at the same time -- there's only so many dispatchers available to answer calls, after all. Too many calls is too many calls, regardless of how competent the initiator is.
Other than prioritizing certain calls (e.g. the ones that haven't been calling you a thousand times already today) there's not a whole lot you can do to mitigate this while remaining available to everyone.
(There often already are other call routing prioritizations in place, e.g. if there is an incoming landline and cellphone call at the same time and only one dispatcher available, they'd typically answer the landline first -- A single car accident on a busy freeway can generate dozens of incoming cellphone calls reporting the same accident, while a landline call is more likely to be a new incident that needs action.)