Cyber Incident Victim: Erie County
Date:
Oct 2022
Location:
United States of America
Summary
A suspected cyberattack disrupted emergency services in Erie County when a deactivated wireless device repeatedly called 911 approximately 750 times over several hours, overwhelming the system and preventing mobile call reception for nearly two hours. The denial-of-service incident maxed out backup capacity but did not impact landline calls or text-to-911 functionality. A third-party vendor resolved the outage by expanding call volume thresholds and isolating the malicious device to a single line. While authorities investigated whether the attack was intentional, the county's recently implemented Next Generation 911 system aided in rapid isolation of the issue. Public safety alerts directed residents to use alternative contact methods during the disruption, which exclusively affected this jurisdiction. Emergency responses to landline calls proceeded without interruption throughout the incident.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On October 23, 2022, Erie County, Pennsylvania, experienced a significant disruption to its 911 emergency call system, beginning at approximately 8:55 p.m. and lasting nearly two hours. A deactivated wireless device, likely a cell phone, initiated automated calls to the county’s 911 dispatch center every seven seconds, generating approximately 750 calls by 2:00 a.m. the following morning. These calls automatically terminated upon being answered, overwhelming the system’s capacity and maxing out its backup capabilities. The incident prevented dispatchers at the Oliver Road facility from receiving mobile phone calls, though landline calls and text messages to 911 remained operational. During the peak disruption period—a one-hour and forty-five-minute window—only 18 landline calls were successfully processed, with emergency responders maintaining uninterrupted response capabilities for those requests. Erie County Department of Public Safety Director John Grappy characterized the event as a suspected cyberattack, though investigators had not yet determined whether it was accidental, intentional, or malicious. The attack exclusively affected Erie County’s systems, with no broader regional impacts reported.
The county’s third-party vendor, ComTech, resolved the incident by dramatically expanding the system’s call-handling capacity and isolating the malicious device to a single communication line. Concurrently, the Erie County Department of Public Safety and the Pennsylvania Emergency Management Agency (PEMA) issued emergency alerts via media and wireless devices, instructing the public to contact 911 using the center’s 10-digit phone number during the outage. Local law enforcement agencies assisted in investigating the incident’s origin and intent. Officials confirmed that the county’s recently implemented Next Generation 911 system—a PEMA-managed upgrade operational since September 27, 2022—was not responsible for the vulnerability. Instead, the IP-based technology facilitated faster isolation of the attack and system recovery by enabling precise identification of the offending device’s traffic. No service interruptions occurred for non-wireless callers throughout the event, and normal operations resumed following the vendor’s mitigation measures.