SWATting – Is the 911 Network Secure?

This Avaya CONNECTED Blog
is also available as an MP3 Audio File


Over the past several years a recurring theme on this podcast, and unfortunately in the news, is the practice of “swatting”. Swatting is when a caller places a call to a 911 center with the intention of invoking a SWAT team response to their intended victims location. Many times this is done out of revenge, or a poor joke, but in either case it can be a costly and highly dangerous situation for both police response teams, as well as the intended SWAT victim.

But just how do these young hackers exploit the 911 system? Is there a security hole in the network that needs to be plugged? Fortunately, there isn’t a hole in the system, nor is there a secret backdoor that is been breached by telephone hackers. The system is operating as designed, and the perpetrators are simply manipulating their caller ID thereby “fooling” the system.

Back in my teenage days, caller ID didn’t exist, providing complete anonymity when making a telephone call. When the phone rang, you had no idea who is going to be on the other end. But that all changed in the mid-80s when caller ID became an option in most major cities, and now is a widespread feature available just about anywhere. In fact I would be surprised to find an area where caller ID was not offered by the local CLEC or ILEC.

For the most part, caller ID spoofing requires some level of control within the network, as on regular telephones, the caller ID is not actually transmitted by the device, nor is it possible to send outbound caller ID on an analog POTS circuit. For the originating device to send custom caller ID, a primary rate interface or basic rate interface with a D channel would be required.

Since many do not have a digital circuit, or a PBX or telephone capable of generating custom caller ID, most telephone phone phreaks resort to services such as Spoofcard. The way Spoofcard works, is that you make a call to an access number, and then enter the destination number that you would like to call. The account is managed online where you can provision whatever caller ID number you would like to be displayed at the far end. When the call reaches the terminating central office, a query is made based on the calling line ID number, and the name associated with that number is then displayed to the destination. Fortunately, it’s not quite as easy as that. Even though the caller has masked their telephone number and name to the destination, there is still a telephone record on their originating line to the Spoofcard service, which leaves behind a breadcrumb trail that is very easy for the police or FBI to follow.

With the advent of voice over IP services, the potential pranksters are able to use the Internet to access service providers, which also provide the ability to provision the outbound calling line ID number, and ultimately trigger a name associated with that to whomever you call. Again, even though the breadcrumb trail is not quite as obvious, it certainly is there, and when you look at the level of ethernet forensics being deployed by public safety officials, rest assured, if they go looking for you, they will find you.

Another common practice is to exploit the telecommunications devices for the deaf, or TDD units. Placing a call from these types of devices to national relay services creates a physical firewall between the prankster and public safety. But fortunately, the physical connection of the originating telephone call to the relay service is logged, and can be physically traced.

When I read the full details of many of these swatting attempts, most have telltale signs that public safety is getting very attuned to. For example, many arrive on the administrative lines and not the 911 circuits. There are probably two reasons for this. The first is that the phone phreakers are probably afraid that the administrative PSTN lines are not as advanced as the 911 lines, and they are afforded more anonymity and scrutiny. Although that sounds like a great explanation, in today’s world it’s simply not true. Point-to-point connections made in the PSTN are logged and traceable regardless of the termination type. And although there is no dramatic music and clock ticking away while public safety initiates a trace on the line, those connections can be tracked well after the call was completed.

Getting a SWATting call to land on a 911 line is not impossible, but much more difficult and unpredictable. It typically requires a much higher level of knowledge of the terminating network, and those details are just not easily found out. Even if they are, public safety often changes those details on an ongoing basis to protect against information being made public and usable for any length of time.

Just this past week, LAPD change their policy on these types of calls, where they will no longer publicly acknowledge them when they occur. This is being done in the hopes of reducing the “hacker celebrity status” of the perpetrator. You’ll also notice that several arrests are now being made as public safety understands how the network is being manipulated, and safeguards have been put into place to capture the appropriate data. This is all being done under the auspices of the Communications Assistance for Law Enforcement Act or CALEA (pronounced clee-ah). This is the United States wiretapping law that was passed in 1994 in an effort to enhance the ability of law enforcement and intelligence agencies to conduct electronic surveillance. It also requires telecommunication carriers as well as manufactures of telecommunications equipment to provide built-in surveillance capabilities and wiretap points that allow federal agencies to monitor all communications in real time.

So every seen an end to the continuous SWATting attempts on Hollywood? Probably not. But I will predict a drastic decline in those attempts, as well as an increase in arrests and convictions of those who choose to play this dangerous game. 45 years ago, prank phone calls may have been an amusing game.

“Is your refrigerator running? Then you better catch it!”

This might have given a five-year-old a stomach ache from the belly laughs. Today, reports of hostages and military grade weapons are going to get someone shot, and most likely killed. The obvious question is will next generation 911 make this problem worse?

Although it’s true that more opportunities may be present to initiate a SWATting attack, the standard tools and monitoring inherent in all networks today will make the detection much easier and faster shutting down the origination attempts. With the level of security being deployed in most networks today we easily have the technology to identify and capture those who choose to play.


Want more on E9-1-1?  E9-1-1 Talk Podcast
Subscribe to my weekly E9-1-1 Talk Podcast here

Thanks for stopping by and reading the Avaya CONNECTED Blog on E9-1-1, I value your opinions, so please feel free to comment below or if you prefer, you can email me privately.

Public comments, suggestions, corrections and loose change is all graciously accepted 😉
Until next week. . . dial carefully.

Be sure to follow me on Twitter @Fletch911

Fletch_Sig.png 


CacheFly LogoAPN is Powered by Cachefly
CacheFly is the world’s fastest CDN, delivering rich-media content up to 10x faster than traditional delivery methods. With a proven track record and over a decade’s worth of CDN experience, companies around the world choose the CacheFly CDN for reliable and unbeatable performance. For more information, visit www.cachefly.com

Related Articles:

Transforming Online Meetings for Team Collaboration

I find it interesting how companies choose to measure team collaboration. Most use surveys, some productivity data, and others standard review processes. Yet team collaboration is about so much more than all of this. If you ask us, it’s about putting people first.

We mean this quite literally. It’s important to provide employees with a suite of face-to-face collaboration capabilities that enable dynamic, real-time team collaboration. Communication staples like voice and chat are surely important, along with the endless other tools teams use to connect and share information. Meeting via video, however, is arguably the best way to collaborate, build relationships, create momentum and build morale. Face-to-face collaboration may not always be needed, but companies will want to make sure they have the best tools in place for when it is.

When done right, online meetings enhance team collaboration in several ways. Consider the most basic of them all: a good part of communication is non-verbal. Being able to observe team members’ body language can help prevent miscommunication and connect across languages and cultures. The technology has also evolved to the point where teams can flexibly share data, documents and other project details via screen sharing or virtual whiteboards. All the while, there’s the opportunity to initiate private chat sessions between team members to discuss simultaneously.

The bottom line: online meetings enable authentic human interaction that delivers real value, time and cost savings, and better business outcomes.

Now, imagine being able to quickly implement an easy-to-use, cost-effective service that skips the capital investment and technical hassle of a traditional video solution. This is exactly what Avaya Equinox Meetings Online offers: a cloud-delivered application that allows users—both employees and outside contacts—to connect with their browsers (no plug-ins required) or mobile apps to effortlessly initiate and/or participate in online meetings. The service places priority back on people, which is where it belongs. Simple as that.

Don’t believe us? Read Nemertes Q4 2017 Enterprise Business Value Matrix for Unified Communications and Collaboration to see what they had to say. If you like what you see, or if you have any questions, please feel free to reach out to our team for more information via our webchat.

The Easy Button for IoT

I am sure that I don’t have to tell you how the Internet of Things (IoT) is revolutionizing our world. Stop by any electronics retailer and you will find smart TVs, smart lights, smart refrigerators, and smart thermostats. Open up the brochure for a new car and you will find more space dedicated to intelligent sensors than horsepower. Tour a modern manufacturing plant and you will quickly discover that nearly every machine used in production has been equipped with an IP address. From the consumer to the enterprise, IoT is the driving force of innovation.

Of course, there is a dark side to this revolutionary technology: It’s not all that easy. As a consumer, it’s not a big deal to have one smart dryer that sends a text message when your clothes are dry. It’s also pretty simple to have your refrigerator email you a photo of its contents. In these cases, it’s just you and your machine.

However, what if you had a thousand dryers and ten thousand refrigerators. Let’s take it further. What if you were American Airlines and your fleet of airplanes had five hundred thousand different sensors reporting information every second. Now, imagine that some devices reported data using Bluetooth while others used Zigbee, WiMAX, LTE, WiFi, and NFC. Want to make it even more challenging? These different sensors report data reading using SOAP, REST, WebSockets, and a myriad of proprietary protocols. It quickly becomes an engineering nightmare to collect, store, and take the appropriate actions on this constant stream of data.

One Bite at a Time

Question. How do you eat an elephant? Answer. One bite at a time.

As with an elephant, the best way to conquer the IoT problem is to break it down into bite-sized pieces. Instead of trying to directly deal with all those different sensors and their unique forms of communication, have those sensors talk to gateways that understand multiple IoT dialects. Those gateways could then normalize the data before sending it off to a central cloud repository. Next, wrap the IoT cloud with web services that allow for a consistent and uniform way to access IoT data. Finally, use those web services to create a suite of applications for data visualization, event processing, analytics, etc.

Now, instead of being inundated with terabytes of data that may or may not be important, you only see what you need to see and only when you need to see it. You also have a scalable platform that allows you to add new sensors without having to constantly redesign and redeploy your business applications.

At Arrow Systems Integration (ASI), an Avaya A.I.Connect partner, we call this distributed architecture of sensors, gateways, and cloud services Arrow Connect™.

Arrow Connect

Arrow Connect is a software architecture that connects any device over any protocol to any cloud. Designed and developed by Arrow with security, scale, flexibility, device management, multi-tenancy, hierarchy, open APIs, and extensibility as its core principles, Arrow Connect is helping customers across multiple industries bring their products to market faster.

The Arrow Connect software development kit (SDK) helps enterprises leverage the full capabilities of any device while an extensible software gateway allows developers to add support for protocols and sensors not currently supported by Arrow Connect.

The Arrow Connect cloud platform enables secure provisioning and management of all its devices. It runs on multiple public cloud platforms and seamlessly integrates with Microsoft Azure, IBM Watson Bluemix/Softlayer, Amazon Web Services, and private data center solutions.

Breeze and Zang Workflows

While support for RESTful web services is essential to being an open and secure cloud solution, this comes with a price and that price is complexity. Despite being an open standard understood by most software developers, the fact that you must be a developer to use web services confines them to a very select group of people.

In our quest to find every possible way to simplify IoT, ASI has partnered with Avaya to add support for Arrow Connect IoT devices, sensors, and gateways into Avaya Breeze and the Zang Workflow Designer. With both of these platforms, access to IoT data and Arrow Connect services becomes as simple as drag and drop and non-developers can create powerful IoT solutions in a matter of minutes. Better still, this simplification does not come at the cost of accuracy, reliability, speed, security, or scalability. The visual tasks embedded in these workflow tools employ the same Arrow Connect web services a skilled software developer would use. The difference is that there is no need to learn Java, .Net, Python, or any other programming language.

 

The Easy Button for IoT

With integrated workflow technology, you can quickly turn an idea on a whiteboard into a fully functional and easily deployable solution.

Next Steps

McKinsey recently said that “Any business that fails to invest heavily in the IoT in the next 10 years is unlikely to be able to remain competitive.” While these may seem like strong words, industry after industry has taken them to heart and the IoT revolution is everywhere. As I stated at the beginning of this article, IoT is becoming pervasive for both consumers and businesses.

The simplification, scalability, and security of IoT offered by Avaya and Arrow Systems Integration helps an enterprise to create the solutions it needs to enhance its business, grow its customer base, and stay competitive.

Andrew Prokop is the Director of Emerging Technologies at Arrow Systems Integration. Andrew is an active blogger and his widely-read blog, SIP Adventures, discusses every imaginable topic in the world of unified communications. Follow Andrew on Twitter at @ajprokop, and read his blog, SIP Adventures.

News & Solutions at ENGAGE 2018 Show Avaya is Back in the Fight!

Now back from last week’s Avaya ENGAGE 2018, our annual customer and partner event, we’re finding the energy of the conference continues to drive the cadence at Avaya. What a show! In my last blog I wrote about taking time for a bit of introspection—thoughts echoed by our CEO Jim Chirico during his ENGAGE keynote. One of his points really resonated with me: how you get up off the mat. All of us face challenges everyday—most of them are manageable but occasionally an event comes along that can really take the wind out of your sails. Jim pointed out that while we all get knocked down from time to time, what really matters is how you get up. How you carry yourself and how you get ready for the next challenge.

In 2018 Avaya is back up. We’ve got our gloves on and we’ve come out swinging! ENGAGE 2018 was a great opportunity for us to thank our customers and partners for their outstanding support over the past year and give them a taste of the new Avaya: poised, fit, and ready to win.

Our commitment to win was reflected in a number of key announcements from last week, but the headliner was the acquisition of Spoken Communications, a leading innovator in the Contact Center as a Service (CCaaS) market. The Spoken platform is based on the Avaya Aura® Platform and Avaya Aura® Call Center Elite, making it a perfect architecture for both Avaya omnichannel offerings, such as Avaya Oceana®, and its Unified Communications as a Service solution. But Spoken brings much more than a proven xCaaS capability to Avaya—the really exciting news is Spoken’s transformative real-time customer experience management applications built on conversational artificial intelligence (AI). A true innovator in AI, Spoken will be accelerating our “Think Avaya, Think Cloud” strategy with solutions that not only provide a clear path for customer migration, but offer improved efficiency, drive more intelligent responses, and gain deeper insight into customer sentiment and experience.

And there was more news at Avaya ENGAGE on the AI front: Avaya introduced Avaya AvaTM , a cloud, messaging-agnostic solution that offers new AI capabilities for social messaging integration and automation of digital interactions. An evolution from our Ava technologies offered for over eight years, Avaya AvaTM delivers AI 2.0 architecture including natural language processing and machine learning. And innovative analytics enables effortless customer engagement through social media and messaging platforms.

Last year we introduced the Avaya Oceana® Solution—our omnichannel context-driven contact center solution. Now we are thrilled to bring the Workspaces environment to our existing customers later this year. This modern agent desktop will take advantage of key elements such as context and customer journey and be made available to our existing customer base, enabling them to transform their CXs.

Avaya also unveiled compelling enhancements to its signature unified communications user experience, Avaya Equinox®. These include:

  • Enhancements to Avaya Equinox Meetings Online, a cloud-based meeting and conferencing service that can be deployed with or without an Avaya infrastructure. The economical, pay-as-you-go cloud model offers the same capabilities as an on-premises deployment, making it easy to take a hybrid approach and mix and match between the two.
  • The new Avaya Equinox Attendant, which enhances customer service and brings the power of unified communications to front-desk operators. We will extend Avaya Equinox to the IP Office platform—providing a single UC platform for all our customers.

Devices remain a key part of Avaya’s strategy to deliver a unique UC Experience Everywhere. Avaya has shipped over 100M phones to date and currently ships almost 10,000 new devices every day. For 2018, Avaya is expanding customer options for UC devices like never before. The Avaya Experience has evolved to be more modern, connected and personalized, and tailored to vertical specific needs such as hospitality and retail. Key additions include:

  • Launching Avaya’s new Essential Experience portfolio of industry leading phones for a state-of-the-art user experience that includes Bluetooth and WiFi connectivity.
  • Extending the Avaya Vantage Experience to include support for IP Office.
  • Announcing the new Avaya CU-360 Collaboration Unit, which provides easy set up and collaboration in huddle room spaces.

Providing our customers a bridge to the future is a key focus for Avaya this year—and this goal will drive a great deal of our activity. To start, Avaya has launched a number of new promotions:

  • Loyalty2gether: This exciting and bold offer provides all our loyal Communication Server 1000 customers with a path forward to either IP Office or Avaya Aura with full support for the surrounding applications like customer contact and messaging. It’s an opportunity to reinvent what communications, customer experience, and collaboration can mean to your business and to do so with an unprecedented level of experience and investment protection.
  • Oceana NOW: This program focuses on helping organizations evolve and transform their CXs.
  • Automate CC NOW: Through the use of automation capabilities, Avaya is helping organizations modernize for less.

These programs are a prime example of our focus to ensure no customer gets left behind.

ENGAGE 2018 was a very busy week of announcements, meetings and demonstrations, and the energy and enthusiasm of our customers kept us going and underlined our confidence that Avaya is back and ready to do battle. Continue to watch for updates and details on Avaya.com and let us know how the new Avaya can support your plans in 2018.