Next-Gen 911 Systems Outstrip Cybersecurity Measures

The transition to Next Generation 911 systems across the United States is advancing more swiftly than the implementation of essential cybersecurity measures, prompting experts to warn that this rapid modernization creates favorable conditions for potential cyberattacks.

See Also: Secure AI and Cloud: 5 Key Requirements

On Tuesday, telecommunications company Intrado—formerly West Communications—published a report that highlights the cybersecurity landscape for 911 technology. The report stresses the urgency of enhancing security measures, stating, “Ensuring the cybersecurity of the 911 ecosystem is a hill we must climb faster” to safeguard the approximately 240 million emergency calls placed annually in the United States. The ongoing transition not only brings new opportunities but also introduces various challenges, as modern services and data flows elevate cybersecurity vulnerabilities.

The Federal Communications Commission (FCC) has encouraged telecommunications providers for over a decade to adopt NG911 technologies, which replace traditional emergency systems with internet protocol solutions. This shift aims to facilitate new means for contacting emergency services, including SMS, video, and real-time location data.

New applications of this technology include panic buttons in K-12 schools that link directly to emergency responders, consumer applications that can automatically dial 911 and transmit location information, and incident management systems that aid educational institutions in responding to threats. These advancements expand access to emergency services but significantly “increase the surface area for attack and abuse,” according to Trey Ford, Chief Information Security Officer for the cybersecurity firm Bugcrowd.

The report further outlines emerging cybersecurity threats beyond the traditional misuse of 911 systems, such as swatting and hoax calls—which have seen a rise in recent years. It identifies new vulnerabilities linked to inadequate cloud storage, real-time communication tools, and the expanded use of internet-protocol-based technologies.

Some dispatch centers have reverted to using paper records due to ransomware and denial-of-service assaults that overwhelm public safety answering points with botnet-driven VoIP floods, which outpace existing filtering mechanisms. To maintain functionality during cyber incidents or traffic spikes, Jason Soroko, a senior fellow at Sectigo, notes that segmented Emergency Services IP Network gateways, firmware signatures, and offline immutable backups have become baseline protections.

Even a single misconfigured 911 call has the potential to expose sensitive personal information. According to Soroko, “Zero-trust identity systems, ongoing social-engineering training, formal model validation, and latency-aware anomaly detection tailored to 911 operations are now critical components for resilience.”

In early June, the FCC released a notice of proposed rulemaking aimed at enhancing the reliability and cybersecurity of NG911 systems. This includes increased oversight of service providers and new definitions for affected entities. Furthermore, the proposed rules advocate for minimum cybersecurity protocols, formal risk management strategies, and compliance with national interoperability standards.

While the proposed regulations, which may come into effect after a public comment period later this year, stop short of endorsing regular audits of cloud providers, end-to-end encryption, or routine testing of communication applications, these measures are deemed vital to safeguard against future cyber threats, according to Nivedita Murthy, a senior staff consultant at Black Duck.

“Emergency responders often engage with individuals during their most vulnerable moments, necessitating that all communications during these encounters be treated as confidential unless specified otherwise,” Murthy emphasized. “Maintaining data confidentiality is paramount in these critical interactions.”