Unknown threat actors have been putting Americans’ lives in danger this week. First there was a ransomware attack on OneBlood, a non-profit blood donation center that supplies blood to hospitals throughout southeastern US. Then there was a disruptive attack on the 911 dispatch system for central Texas.
Those responsible for the two attacks have not yet been identified, nor whether these are two unrelated incidents or two attacks by the same threat actors, but these were two different types of attacks. Of note, neither victim entity reported receiving any communications or extortion demands. So were these financially motivated crimes, or are some person, persons, or state actors testing to see how they can cripple public health safety?
KXAN reports on the 911 dispatch incident:
Central Texas 911 systems were impacted Sunday by an intentional attack, according to the Capital Area Council of Governments (CAPCOG).
The attack, known as a Telephony Denial of Service, or TDoS, caused the 911 call volumes to exceed capacity to intentionally overload 911 systems. Call issues were seen across Central Texas from Austin to Burnet County to Luling.
CAPCOG provides critical infrastructure and ensures that 911 systems are operational for 31 Public Safety Answering Points in Central Texas, according to the local government coalition.
The issue was first noticed in Round Rock around 1 p.m., a spokesperson said. CAPCOG worked with AT&T’s Resolution Center to solve the issue. Numbers receiving robocalls were identified and disconnected.
Read more at KXAN.
A denial of service attack is not a data breach in the sense that personal data is accessed or acquired by the threat actors, but it is a disruptive attack nevertheless and cause for concern for national security.
The attack on the Texas system is not the first time an emergency dispatch system has been attacked. Bucks County, Pennsylvania’s dispatch system was disrupted for nine days in January due to a ransomware attack by the Akira group. Officials stated that call-taking abilities were not affected at any time. In a separate attack in June, police and fire emergency dispatch 911 services in parts of Southern California were disrupted by a DragonForce cyber incident that occurred on June 16.