Targeting America's Lifeline: The Growing Threat to 911 Systems

Breached Company

Breached Company

3 min read
Targeting America's Lifeline: The Growing Threat to 911 Systems

Introduction

The United States' 911 emergency response system, a critical lifeline for citizens, has increasingly become a target for cyber adversaries. On August 27, 2024, multiple states, including California, Texas, Alabama, Kentucky, Ohio, Florida, and Georgia, reported widespread 911 system outages. The outages were linked to problems with AT&T, which manages a significant portion of the nation's emergency communication infrastructure. This incident is not isolated but part of a disturbing trend where adversaries exploit vulnerabilities in critical infrastructure, raising concerns about national security and public safety.

Recent Incidents of 911 System Outages

  1. 2023 Nationwide Outage
    In October 2023, a major cyberattack targeted a national 911 service provider, causing outages across more than 14 states. The attack exploited a vulnerability in the provider's system, disrupting emergency services for hours. The incident forced emergency response teams to rely on backup communication methods, which were less efficient and led to delayed responses in some cases. The breach highlighted the vulnerability of centralized emergency communication systems and the potential consequences of such attacks.
  2. Dallas, Texas (2022)
    In June 2022, the city of Dallas experienced a significant 911 outage due to a ransomware attack on a third-party vendor that provided critical services to the emergency system. The attack led to a two-hour blackout during which residents were unable to reach emergency services via 911. Although no lives were lost, the incident exposed the risks associated with outsourcing critical infrastructure to external vendors.
  3. Knox County, Tennessee (2021)
    In April 2021, Knox County's 911 system went offline for several hours after being targeted by a Distributed Denial of Service (DDoS) attack. The attack overwhelmed the system with traffic, making it impossible for residents to connect to emergency services. The county had to quickly deploy alternative communication methods to ensure public safety, but the incident raised serious questions about the preparedness of local governments to handle cyberattacks on critical infrastructure.

The Rising Threat of Cyberattacks on Emergency Systems

The 911 system is an attractive target for cybercriminals and state-sponsored adversaries due to its critical role in public safety. Disrupting emergency communications can have catastrophic consequences, including delayed emergency response times, increased risk of fatalities, and widespread panic.

Vulnerabilities and Challenges

  • Legacy Systems: Many 911 systems across the country still rely on outdated technology that is more susceptible to cyberattacks. Modernizing these systems is a costly and time-consuming process, which leaves many regions vulnerable.
  • Third-Party Dependencies: The reliance on third-party vendors for critical services, such as communication networks and data storage, introduces additional points of vulnerability. As seen in the Dallas and nationwide outages, attacks on these vendors can have far-reaching impacts.
  • Lack of Cybersecurity Measures: In some regions, the cybersecurity measures in place to protect 911 systems are inadequate. Local governments often lack the resources and expertise to implement robust defenses, making them easy targets for cyberattacks.

Steps to Mitigate the Risk

  • Modernization of Infrastructure: There is an urgent need to modernize 911 systems across the country, incorporating advanced cybersecurity measures to protect against emerging threats. This includes upgrading to Next Generation 911 (NG911) systems, which use Internet Protocol (IP) networks to improve reliability and security.
  • Increased Funding and Training: Local governments must receive adequate funding to bolster their cybersecurity defenses. Additionally, emergency response teams should undergo regular training to handle cyber incidents effectively.
  • Collaboration Between Public and Private Sectors: Strengthening the partnership between public agencies and private sector companies, such as AT&T, is crucial. These collaborations can lead to better security practices and quicker responses to incidents.

Conclusion

The August 2024 911 outages are a stark reminder of the vulnerabilities within America's critical infrastructure. As cyber threats continue to evolve, it is imperative that federal, state, and local governments take proactive measures to protect the systems that millions of Americans rely on during emergencies. The time to act is now, before the consequences of such attacks become even more dire.

Read more

The SharePoint Hack That Changed Global Cybersecurity: Inside Microsoft's MAPP Crisis

The SharePoint Hack That Changed Global Cybersecurity: Inside Microsoft's MAPP Crisis

A comprehensive investigation into the 2025 breach that compromised 400+ organizations and forced Microsoft to restructure its vulnerability sharing program Introduction In July 2025, the cybersecurity world witnessed a watershed moment when Chinese state-sponsored attackers exploited critical, unpatched vulnerabilities in Microsoft SharePoint. The breach, which followed shortly after Microsoft shared

By Breached Company
4chan and Kiwi Farms Challenge UK's Online Safety Act in Federal Court: A Test of International Internet Regulation

4chan and Kiwi Farms Challenge UK's Online Safety Act in Federal Court: A Test of International Internet Regulation

Two controversial US-based platforms take legal action against UK regulator Ofcom, claiming constitutional violations and extraterritorial overreach In a significant legal challenge to international internet regulation, 4chan and Kiwi Farms have filed a lawsuit in US federal court against the United Kingdom's Office of Communications (Ofcom) over enforcement

By Breached Company
Warlock Ransomware: The Critical Infrastructure Threat Redefining Global Cybersecurity in 2025

Warlock Ransomware: The Critical Infrastructure Threat Redefining Global Cybersecurity in 2025

A comprehensive analysis of the ransomware-as-a-service operation that has compromised over 400 organizations worldwide through sophisticated SharePoint exploitation Executive Summary The emergence of Warlock ransomware in mid-2025 has fundamentally reshaped the global cybersecurity landscape, representing a new paradigm in the sophistication and scale of ransomware operations. Operating as a ransomware-as-a-service

By Breached Company
DOGE SSA Data Security Breach: A Case Study in Government Contractor Access and Insider Threats

DOGE SSA Data Security Breach: A Case Study in Government Contractor Access and Insider Threats

Executive Summary A whistleblower complaint filed by Charles Borges, Chief Data Officer at the Social Security Administration (SSA), alleges that Department of Government Efficiency (DOGE) personnel created unauthorized copies of the NUMIDENT database—containing personal information for over 300 million Americans—in cloud environments lacking independent security controls and oversight

By Breached Company