Home Message service What happened, how to prepare for next time

What happened, how to prepare for next time


The calls came from within the county.

They entered, one after the other.

And every time we answered them, no one was on the other end.

What happened Sunday in Erie County was not worthy of horror movies, but it created a nightmare scenario for those who were the target of the attack.

Every 7 seconds for five hours, a disabled wireless device called and then hung up on dispatchers at the Erie County 911 center on Oliver Road in Summit Township.

Calls congested phone lines, preventing anyone in Erie County from using a cell phone to dial 911 from 8:55 p.m. to 10:40 p.m. Sunday, when a temporary fix fixed the problem. Even then, the calls continued until 2 a.m. Monday. Officials declined to say why or how the calls stopped.

The alleged attack came just two weeks after the websites of major US airports, including Hartsfield-Jackson Atlanta International Airport and Los Angeles International Airport, suffered a similar breach by the group. of pro-Russian Killnet hackers, according to the Associated Press.

After:Update: Cyberattack suspected in Erie County 911 service malfunction that lasted nearly 2 hours

After:Corry School District says ransomware attack may have exposed staff and student data

how they work

Known as “distributed denial of service attacks”, these attacks aim to disrupt and disable their target’s operations by flooding them with unwanted data or – in the case of Erie County – hundreds of calls repeated phone calls from a disabled wireless device, which connected to 911 through a cell tower in the city of Erie.

Cloudfare, a San Francisco-based content delivery network specializing in mitigating distributed denial of service attacks, released a report this week showing an increase in these types of attacks in the third quarter compared to the same period. last year. He also reported that these attacks are growing in volume – larger amounts of data moving faster – and are more complex.

They target servers, services or networks, overwhelming them with this “deluge of Internet traffic”, according to the report.

“To be effective, these attacks require threat actors to take control of online computers, routers, (Internet of Things) devices, or other endpoints to exploit as sources of attack traffic. attack,” the Cloudfare report said. “These machines are infected with malware and then weaponized into a remote-activated ‘botnet’.

“When the IP address of a targeted server or network is established, each bot sends simultaneous requests to that target with the intention of causing it to overflow, resulting in a denial of service to normal traffic,” the report says. report. “Because every bot is a legitimate device, it can be extremely difficult to separate attack traffic from legitimate traffic.”

In 2021, the FBI warned against the use of phone denial of service attacks, which specifically target phone lines.

These types of attacks, the FBI noted, have evolved. Initially, they involved individuals using social media to encourage other malicious actors to manually flood phone systems with calls, but now the attacks are mostly automated. They use malware to make hundreds of calls simultaneously or in rapid succession, the FBI reported.

“Numbers and call attributes can be easily spoofed,” the FBI said in a February 17, 2021 public service announcement, “making it difficult to differentiate legitimate calls from malicious calls.”

From left, Erie County 911 Coordinator John Durlin and Erie County Director of Public Safety John Grappy hold a news conference Oct. 24, 2022 in a conference room at the department from Erie County Public Safety to discuss a suspected cyberattack that overwhelmed the 911 system from 8:55 p.m. Oct. 23 until 2 a.m. that day.

Effect on Erie County Services

Erie County Public Safety Director John Grappy and 911 Coordinator John Durlin detailed Monday how the county’s infrastructure has helped them, along with officials from the Pennsylvania Emergency Management Agency and the provider of 911 call answering technology, Comtech Telecommunications Corp., solve the problem.

First, even though users of cell phones and other wireless devices couldn’t reach 911 dispatchers by dialing the emergency number, they could still text for help. Landline phones also worked.

As the 911 system was overwhelmed, dispatchers answered 18 calls from landlines or to the 10-digit 911 center number. Durlin said there did not appear to be any delays or other negative impact on the ability of security service agencies to respond to these calls.

Second, the cyberattack did not disrupt the ability of police officers, firefighters, paramedics and other first responders to communicate with each other through the county’s new $26.5 million next-generation public radio system. Erie.

And third, the county’s switch on September 27 to the Next Generation 911 system of the same name was not part of the problem, but rather the solution. PEMA has been working on the new system for several years. In November 2020, PEMA awarded the $175.1 million contract to Comtech to design, install and operate the system. Erie County was among the first four counties in the state to make the transition.

Durlin said the county could have suffered a similar cyberattack under its old call-response system, but it wouldn’t have been able to isolate robocalls or increase the number of available lines capable of receiving. emergency calls.

“If you said you need 50 more phone lines, you could never get somebody to come and give you 50 more phone lines in the middle of the night,” he said of the former system. “With the Next Generation 911, the capability exists.”

Dispatcher Dan Fitzpatrick is pictured, Oct. 24, 2022, at the Erie County Department of Public Safety's 911 center on Oliver Road in Summit Township.

The public must be ready

While officials are taking steps to mitigate the risk of recurrence, there’s no way to guarantee such an attack won’t happen again, especially as technology evolves and bad actors improve their craft.

“The possibility is there,” Durlin said Monday. “This is not the first place in the country to have this type of attack.”

Durlin said the public should be prepared — rather than concerned — about the potential for a future attack.

Save in your phone contacts:

  • Local non-emergency numbers for the nearest police and fire stations.
  • The Erie County 911 Center Administrative Hotline, 814-868-7911.
  • If you don’t have a landline phone, contact the local police or fire department in case of an emergency.

On Sunday, the county sent out media advisories about the outage and PEMA then activated the Integrated Public Alert and Warning System and the Wireless Emergency Alert System to notify the public. Authorities have asked volunteer firefighters to man their stations in case anyone shows up needing help.

“It’s unfortunate,” Grappy said. “At the end of the day, someone who really needs this service who has some type of emergency…is unable to call us. That’s a concern for all of us.”

Matthew Rink can be reached at [email protected] or on Twitter at @ETNRink.