Next-Generation 9-1-1 safeguards against swatting: part 2
In my previous article, I exposed the extreme obsolescence of our 9-1-1 system. Here I will talk about this terrible plague that we call “swatting,” the tragic events of December 2017 and how this can be avoided in the future.
What is swatting?
According to the National 9-1-1 Program, Swatting is “false reporting an emergency to public safety by a person for the intent of getting a (“SWAT team”) response to a location where no emergency exists.” The person, or bad actor, will often report they are involved or nearby as a witness to a high response incident, such as a home invasion, active shooter, or hostage situation. The ultimate goal of these bad actors is to target a location with the largest and most forceful response possible. When law enforcement arrives at the target location, usually with a substantial response, they confront unsuspecting swatting victims at gunpoint, only to determine that there is no real emergency.
Wichita Kansas incident
The tragic events that occurred in December of 2017 at a residence in Wichita Kansas is a very publicized swatting incident. In this case, the bad actor called the Wichita City Hall Security Desk to report a false emergency. The security desk relayed the false information to the 9-1-1 call taker and then failed to complete the transfer of the hoax emergency call to 9-1-1. The 9-1-1 call taker then called the phone number provided to the security desk by the bad actor, which then connected the 9-1-1 center directly to the bad actor. At this point, the bad actor provided enough reasonable information to convince the 9-1-1 center to dispatch law enforcement first responders to the unsuspecting residents of the address relayed by the bad actor. The tragic consequences of this hoax call became national and international news and led to calls for action against the scourge of swatting.
Resistance to change is not the solution
There are some who claim the transition from our legacy E9-1-1 infrastructure to Next Generation (NG) 9-1-1 will actually raise the risk of more swatting incidents. Although there is no clear evidence to support this claim, National Public Radio (NPR) reported that the additional media types supported by NG9-1-1, such as text, images, and video, may enable new modes for relaying false information to public safety 9-1-1 centers. Beyond the fear, uncertainty, and doubt created by these reports, there is no overarching, definitive report (yet). Unfortunately, resisting the transition to NG9-1-1 will only make the situation worse as bad actors acquire more technology and refine their techniques against the obsolete E9-1-1 infrastructure described earlier.
NG9-1-1 is NGSmart
NG9-1-1 and Smart Cities are closely tied together by not only their enabling technologies, but also by the potential increase in data they can provide. When compiled and presented correctly, this data can become actionable information for 9-1-1 call takers in response to emergency calls.
Smart city initiatives deploy many of the technologies that can be used to combat swatting. As mobile data networks evolve and increase their bandwidth capabilities, so does the amount and types of additional data that can be transmitted with the call. Wireless small cellular base stations (Femtocells), Multiple-Input Multiple-Output (MIMO) wireless access points, and Bluetooth beacons, allow more precise information to be available for 9-1-1 call takers. These technologies have enabled the development of the National Emergency Address Database (NEAD) in order to comply with the FCC mandated location accuracy improvements for emergency calls, or dispatchable location. Other advancements include Identity Searchable Additional Data Repositories (IS-ADR), which are databases that contain additional data about 9-1-1 calls.
Once implemented, this NGSmart network of small cells, wireless access points, and beacons provide precise location of emergency callers, the type of device used to make the emergency call, the service provider company(s) infrastructure on which the emergency call was initiated, and subscriber information about calling device and service. These key pieces of information, which are not available (or possible) with the obsolete E9-1-1 infrastructure, give the 9-1-1 call taker valuable information that can be used to assess and validate emergency calls, including identifying swatting calls from bad actors. Armed with the proper training and this valuable information, 9-1-1 call takers now have more tools to stop swatting: if the bad actor’s scenario does not match the additional data collected for the emergency call then standard operating procedures and protocols can be activated to stop future Wichita Kansas tragedies.
Promote standards organizations and the adoption of NG9-1-1
Organizations such as the Internet Engineering Task Force (IETF), Alliance for Telecommunications Industry Solutions (ATIS), the National Emergency Number Association (NENA), and the Association of Public-Safety Communications Officials (APCO) have produced many standards that provide a blueprint for NG9-1-1 and promote interoperability between different system components. These standards make caller ID spoofing of emergency calls difficult by mandating the implementation of trusted networks and preserving the real identity of the caller. Deploying vendor solutions that comply with these standards helps to ensure reliable and dependable operation of the NG9-1-1 infrastructure.