Infected Android phones could flood America's 911 with DDoS attacks

One killer trojanised app or $100k of hardware is enough.

A research trio has shown how thousands of malware-infected phones could launch automated distributed denial of service attacks to cripple the US emergency phone system "for days".

The attacks are a new area of research and exploit the need for emergency call services to accept all calls regardless of origin.

The theoretical attack uses malware to mask a phone's International Mobile Subscriber Identity (IMSI) showing only the International Mobile Station Equipment Identity (IMSEI) numbers which cloaks the origin of attacks and frustrates identification and blacklisting efforts.

Negev Ben-Gurion University researchers Mordechai Guri, Yisroel Mirsky, and Yuval Elovici say the malware could place calls without alerting users.

They say in the 911 DDoS: Threat, Analysis and Mitigation [PDF] that 6,000 infected smartphones in a local area would jam an emergency call system.

The current United States Federal Communications Commission (FCC) regulations require that all emergency calls be immediately routed regardless of the caller’s identifiers," the researchers say.

"A rootkit placed within the baseband firmware of a mobile phone can mask and randomise all cellular identifiers, causing the device to have no genuine identification within the cellular network.

"Such anonymised phones can issue repeated emergency calls that cannot be blocked by the network or the emergency call centers, technically or legally."

Half of all mobile phone emergency callers would give up when an army of 6,000 infected phones were jamming 911 public safety answering points (PSAPs). This rises to 90 percent with 50,000 compromised handsets blasting the emergency line.

A fleet of 200,000 infected handsets could jeopardise emergency services across the entire US.

The hackers used a discrete event simulator (DES) and a handful of Samsung phones to test their work, noting that malware residing in a phone's baseband would push phones into a "no SIM" state, exposing only the IMEI number which is hard to track.

The team suggests the attacks can be prevented by storing IMSI numbers in a phone's trusted memory region, such as Android Pay, preventing alteration.

"We believe that the contributions of this paper will assist the respective organizations, lawmakers, and security professionals in understanding the scope of this issue and aid in the prevention of possible future attacks on the 911 emergency services," the authors conclude. ®

Other stories you might like

  • ESA boss gives update on stricken Sentinel-1B imaging satellite: All is not lost yet

    Still borked, 1C and 1D are waiting in the wings

    ESA Director General Josef Aschbacher has addressed the issue of the space agency's borked Copernicus Sentinel-1B spacecraft in his first annual press conference.

    The last useful bit of data from the Earth observation satellite came last year, and as of yesterday attempts to revive the equipment to normal working order have come to naught.

    It's an interesting anomaly: the spacecraft remains under control and, according to Aschbacher, "the thermal control system is properly working and the regular orbit control manoeuvres are routinely performed." However, attempts to reactivate the power unit that's holding back the transmission of image data have proven unsuccessful.

    Continue reading
  • Tesla driver charged with vehicular manslaughter after deadly Autopilot crash

    Prosecution seems to be first of its kind in America

    A Tesla driver has seemingly become the first person in the US to be charged with vehicular manslaughter for a deadly crash in which the vehicle's Autopilot mode was engaged.

    According to the cops, the driver exited a highway in his Tesla Model S, ran a red light, and smashed into a Honda Civic at an intersection in Gardena, Los Angeles County, in late 2019. A man and woman in the second car were killed. The Tesla driver and a passenger survived and were taken to hospital.

    Prosecutors in California charged Kevin George Aziz Riad, 27, in October last year though details of the case are only just emerging, according to AP on Tuesday. Riad, a limousine service driver, is facing two counts of vehicular manslaughter, and is free on bail after pleading not guilty.

    Continue reading
  • AMD returns to smartphone graphics with new Samsung chip for your pocket computer

    We're back in black

    AMD's GPU technology is returning to mobile handsets with Samsung's Exynos 2200 system-on-chip, which was announced on Tuesday.

    The Exynos 2200 processor, fabricated using a 4nm process, has Armv9 CPU cores and the oddly named Xclipse GPU, which is an adaptation of AMD's RDNA 2 mainstream GPU architecture.

    AMD was in the handheld GPU market until 2009, when it sold the Imageon GPU and handheld business for $65m to Qualcomm, which turned the tech into the Adreno GPU for its Snapdragon family. AMD's Imageon processors were used in devices from Motorola, Panasonic, Palm and others making Windows Mobile handsets.

    Continue reading

Biting the hand that feeds IT © 1998–2022