Telephony Denial of Service Attacks Can Disrupt Emergency Call Center Operations

Summary

The FBI is issuing this PIN to provide awareness regarding Telephony Denial of Service (TDoS) attacks. TDoS attacks affect the availability and readiness of 911 call centers and can undermine public trust in emergency services.

TDoS attacks have evolved from manual to automated. Manual TDoS attacks use social networks to encourage individuals to flood a particular number with a calling campaign.

An automated TDoS attack uses software applications to make tens or hundreds of calls, simultaneously or in rapid succession, to include Voice Over Internet Protocol (VOIP) and Session Initiation Protocol (SIP). Numbers and call attributes can be easily spoofed, making it difficult to differentiate legitimate calls from malicious ones.

TDoS services and tools are widely available to actors with all levels of experience. The proliferation and low cost of VOIP software allows cyber actors to conduct the attacks with minimal preparation and equipment.

This FBI PIN contains an overview of the threat, recommended mitigations, and is being provided to assist cybersecurity professionals guard against the persistent malicious actions of cyber actors.

Reporting

We encourage recipients who discover signs of malicious cyber activity to contact us via the cyber incident report form here.