UNDERSTANDING THE THREAT LANDSCAPE
9-1-1 systems process hundreds of millions of emergency calls in the U. S. each year, serving as the connection between people in crisis and first responders.
Historically, nuisance calls and hoaxes were viewed as isolated disruptions. Today, those disruptions have evolved into coordinated, technology-enabled attacks that pose serious safety risks.
As NG9-1-1 systems become more interconnected, three primary categories of abuse have emerged: call spoofing and swatting, cyberattacks on emergency communications infrastructure, and AI-generated deception.
1. Call Spoofing and Swatting
Call spoofing – or submitting a false request for emergency assistance – is a prime example of how these threats can escalate quickly, resulting in unnecessary emergency responses, misallocation of resources, and, in extreme cases, injury or loss of life.
Swatting incidents deliberately generate unnecessary and dangerous emergency responses by falsely reporting an emergency with the intention of generating a SWAT-style response from law enforcement, often to disrupt an organization or cause harm to a specific individual.
Like many criminal threats, spoofing, swatting, and related abuses may not occur daily or even weekly, but that does not diminish their impact. Telecommunicators and first responders must remain prepared at all times because the cost of a single incident can be severe.
These events also tend to occur in waves. After a high-profile incident, copycat attacks often follow across jurisdictions, underscoring the need for coordinated awareness and consistent preparedness across ECCs nationwide.
2. Cyberattacks on Emergency Communications Systems( ECSs)
As NG9-1-1 systems shift from legacy wireline infrastructure to IP-based networks, they inherit the cybersecurity risks faced by other critical infrastructure sectors. Ransomware, malware, phishing campaigns, and denial-of-service attacks increasingly target ECSs, seeking to disrupt operations or compromise sensitive data.
Unlike traditional nuisance calls, cyberattacks can impact multiple systems simultaneously, degrading call handling, delaying response times, or temporarily disabling emergency services altogether.
For ECCs, cybersecurity is no longer an IT-only concern. It is a frontline public safety issue.
3. AI-Generated Deception
The rise of generative AI introduces a new category of threat: highly realistic, AI-generated deception.
Synthetic voices, manipulated incident-related imagery( IRI) e. g., still images, pre-recorded video and streaming video, and deepfake content have the potential to make fraudulent emergency calls more convincing and more difficult to detect.
As these tools become more accessible, the risk of AI-assisted abuse within emergency communications is expected to grow.
FRONTLINE DETECTION AND RESPONSE PROTOCOLS
Behind every call is a human working under intense pressure.
ECC professionals strive for accuracy on every call. They know that even small mistakes can have significant consequences. Leaving out a detail or misinterpreting a caller’ s information can put lives at risk.
The introduction of new threats such as spoofing, cyberattacks, and AI-generated deception adds another layer of cognitive and emotional stress.
For today’ s 9-1-1 telecommunicators, the challenge is no longer limited to identifying obvious prank calls.
They must navigate increasingly complex forms of deception while still adhering to their core mission.
9-1-1
FOR TODAY ' S 9-1-1 TELE- COMMUNICA- TORS... THEY MUST NAVIGATE INCREASINGLY COMPLEX FORMS OF DECEPTION WHILE STILL ADHERING TO THEIR CORE MISSION.
The long-standing principle of“ when in doubt, send them out”( i. e., if it could be a legitimate emergency, send first responders) remains valid.
But it now must be supported by enhanced training to identify abuses, stronger verification tools, clearer protocols, and organizational support.
9-1-1 telecommunicators today have access to far more resources than in the past. Web-based applications and call management tools can help verify caller location and corroborate details, offering additional context to more easily identify spoofed or manipulated calls.
While these tools do not replace human judgment, they enhance call-takers ' ability to respond efficiently and effectively to legitimate emergencies.
MAY 2026 23