Baltimore 911 dispatch hacked, dispatchers switch to manual mode
Baltimore’s 911 dispatch system was hacked over the weekend, forcing a temporary switch to “manual mode,” the city’s chief information officer said in a statement Tuesday.
A spokesperson from Mayor Catherine Pugh’s office confirmed the news to The Baltimore Sun, which reported that the mayor is not planning to answer many of the case’s unanswered questions until a later date.
The city identified a “limited breach” to its computer-aided dispatch (CAD) at around 8:30 a.m. on Saturday, according to a statement by Baltimore CIO Frank Johnson. After the breach was detected, Johnson said 911 and 311 dispatchers began taking information manually and the services continued to operate without disruption.
The city was able to take the affected server offline, Johnson said, but the city has not revealed any additional information, such as what data was compromised, who the actor or actors were, or whether the city knows this information yet.
The system was fully restored by 2 a.m. on Sunday after “a full investigation of all network systems,” Johnson said.
CAD systems are used to accelerate the call-taking process by automatically populating information into the incident form, like the phone number and caller’s location. Going to manual mode could mean a few different things, depending on what occurred in the city, said Jack Markey, director of the Division of Emergency Management in Frederick County, Maryland, in an email to StateScoop.
If it was only a single sub-system that failed, he said, it could mean a reduced level of automation, but if the city was forced to work with no automation, “this could mean manually referencing the reported address of an emergency to an information card or separate information source which identifies the resources to be sent to that address for a particular emergency,” Markey said, who added that he didn’t know if that’s how it happened in Baltimore, but is essentially what happens with manual call processing in Frederick County’s 911 Center and is a common industry practice.
In short, going to manual mode is far less efficient, but a safe alternative when a system has been compromised or otherwise made unavailable.
Concerns over the vulnerability of 911 services have grown in recent years as jurisdictions transition their public safety answering points onto IP-based systems with many points of entry for a bad actor looking for opportunities.
Pugh’s office did not return requests from StateScoop for additional information.