Baltimore's 911 dispatch hacked, CAD system down for 17 hours

Baltimore’s 911 dispatch system was hacked over the weekend, causing the Computer Aided Dispatch (CAD) system to be down for over 17 hours.

Baltimore's 911 dispatch hacked, CAD system down for 17 hours
Thinkstock

Baltimore’s 911 dispatch system was hacked over the weekend.

The Baltimore Sun reported that the attack affected the Computer Aided Dispatch (CAD) system, and 911 and 311 calls “were temporarily transitioned to manual mode.”

What that means, according to Frank Johnson, CIO in the Mayor’s Office of Information Technology, is that “instead of details of incoming callers seeking emergency support being relayed to dispatchers electronically, they were relayed by call center support staff manually.”

The CAD system is used to automatically map the location of 911 callers and then route the closest emergency responders to the callers.

With CAD down, not only was it “much less efficient,” but Brian Fontes, the CEO of NENA (National Emergency Number Association), added a potential attack scenario: “If I’m a bad actor out there and I wanted to do some real harm beyond the 911 center, one of the main things I would want to do is bring down the 911 center. If there were a concerted attack of some sort, you want to make sure that your 911 centers are up and running because they are your dispatch centers for emergency responses.”

City personnel identified the “limited breach” and then took the affected server offline to mitigate the threat of the hack. The CAD system was down for over 17 hours, from 8:30 a.m. Saturday until around 2:00 a.m. Sunday. It was restored after “a thorough investigation of all network systems.”

Baltimore Police Commissioner Darryl De Sousa said he was “aware of the hack ‘almost at the onset,’ and police commanders deliberately ‘shut down a lot of our systems so we weren’t compromised to a higher level.'” He added that the police suffered “no slowdown” in responding to crimes.

There was no additional information about the hack, what was compromised, or possible suspects, as that “could compromise” an “active investigation.”

The FBI told the Sun it was “aware of the breach and provided some technical assistance to the city.”

Vermont’s 911 outage: no hack, but a human coding error

The state of Vermont also suffered a 911 outage last week, but it lasted only 45 minutes and was not the result of a hack.

“It impacted the system statewide,” said Barbara Neal, executive director of the state E911 Board. “We know that there were 11 calls. … They were from all over the state.”

The Rutland Herald reported that the outage was attributed “to human error” while Consolidated Communications was working on the network. Neal added that Consolidated claimed “the outage was the result of planned work.”

Consolidated said a “code error” took place during “a software modification to enhance the network.”

Another 911 issue In Vermont occurred in November 2016; it, too, “appeared to be human error.”

While it’s not a good thing for 911 to suffer outages, at least the human error didn’t result in an emergency alert blasting out to all phones and TVs in the area like it did when human error in Hawaii caused the following warning: “BALLISTIC MISSILE THREAT INBOUND TO HAWAII. SEEK IMMEDIATE SHELTER. THIS IS NOT A DRILL.”

Security Smart: 4 Common Password Myths ... Debunked!