With new technology comes new possibilities and new risks.
As Next Generation 9-1-1 (NG9-1-1) access expands, it is increasingly important to consider the threats that emerge when new tools designed for public good fall into the hands of amorally-inclined individuals.
Nowhere is that responsibility more critical than within the public safety ecosystem, where trust, speed, and accuracy directly impact public safety outcomes.
Criminal abuses such as call spoofing, coordinated swatting attacks, and denial-of-service cyberattacks are becoming more prevalent and more sophisticated.
On legacy wire telephone networks, abusers could only make one call at a time, limited to voice communication. But with IP-based multichannel NG9-1-1 networks, which, while enabling more effective first response, the bad actors now have more vectors to commit crimes.
For emergency communication centers (ECCs), these threats are operational realities that require new approaches to detection, response, and prevention.
As NG9-1-1 adoption and AI technology continue to advance, emergency communications must evolve alongside, not only to benefit from their capabilities, but to defend against misuse.
Understanding the Threat Landscape
9-1-1 systems process hundreds of millions of emergency calls in the U.S. each year, serving as the connection between people in crisis and first responders.
Historically, nuisance calls and hoaxes were viewed as isolated disruptions. Today, those disruptions have evolved into coordinated, technology-enabled attacks that pose serious safety risks.
As NG9-1-1 systems become more interconnected, three primary categories of abuse have emerged: call spoofing and swatting, cyberattacks on emergency communications infrastructure, and AI-generated deception.
1. Call Spoofing and Swatting
Call spoofing – or submitting a false request for emergency assistance – is a prime example of how these threats can escalate quickly, resulting in unnecessary emergency responses, misallocation of resources, and, in extreme cases, injury or loss of life.
Swatting incidents deliberately generate unnecessary and dangerous emergency responses by falsely reporting an emergency with the intention of generating a SWAT-style response from law enforcement, often to disrupt an organization or cause harm to a specific individual.
Like many criminal threats, spoofing, swatting, and related abuses may not occur daily or even weekly, but that does not diminish their impact. Telecommunicators and first responders must remain prepared at all times because the cost of a single incident can be severe.
These events also tend to occur in waves. After a high-profile incident, copycat attacks often follow across jurisdictions, underscoring the need for coordinated awareness and consistent preparedness across ECCs nationwide.
2. Cyberattacks on Emergency Communications Systems (ECSs)
As NG9-1-1 systems shift from legacy wireline infrastructure to IP-based networks, they inherit the cybersecurity risks faced by other critical infrastructure sectors.
Ransomware, malware, phishing campaigns, and denial-of-service attacks increasingly target ECSs, seeking to disrupt operations or compromise sensitive data.
Unlike traditional nuisance calls, cyberattacks can impact multiple systems simultaneously, degrading call handling, delaying response times, or temporarily disabling emergency services altogether.
For ECCs, cybersecurity is no longer an IT-only concern. It is a frontline public safety issue.
3. AI-Generated Deception
The rise of generative AI introduces a new category of threat: highly realistic, AI-generated deception.
Synthetic voices, manipulated incident-related imagery (IRI) e.g., still images, pre-recorded video and streaming video, and deepfake content have the potential to make fraudulent emergency calls more convincing and more difficult to detect.
As these tools become more accessible, the risk of AI-assisted abuse within emergency communications is expected to grow.
Frontline Detection and Response Protocols
Behind every call is a human working under intense pressure.
ECC professionals strive for accuracy on every call. They know that even small mistakes can have significant consequences. Leaving out a detail or misinterpreting a caller’s information can put lives at risk.
The introduction of new threats such as spoofing, cyberattacks, and AI-generated deception adds another layer of cognitive and emotional stress.
As NG9-1-1 adoption and AI technology continue to advance, emergency communications must evolve alongside...
For today’s 9-1-1 telecommunicators, the challenge is no longer limited to identifying obvious prank calls.
They must navigate increasingly complex forms of deception while still adhering to their core mission.
The long-standing principle of “when in doubt, send them out” (i.e., if it could be a legitimate emergency, send first responders) remains valid.
But it now must be supported by enhanced training to identify abuses, stronger verification tools, clearer protocols, and organizational support.
9-1-1 telecommunicators today have access to far more resources than in the past. Web-based applications and call management tools can help verify caller location and corroborate details, offering additional context to more easily identify spoofed or manipulated calls.
While these tools do not replace human judgment, they enhance call-takers’ ability to respond efficiently and effectively to legitimate emergencies.
At the same time, decision-making cannot stall [in these situations]. If a call raises concerns, the safest course of action is often to dispatch first responders while clearly communicating any uncertainties or risks. Providing response teams with context about suspicious calls allows them to approach situations with greater situational awareness.
Equally important is escalation. 9-1-1 telecommunicators are trained to alert supervisors or managers when something feels off. As the first line of defense, their instincts and experience matter.
For today's 9-1-1 telecommunicators...They must navigate increasingly complex forms of deception while still adhering to their core mission.
When a telecommunicator flags a potential spoofing or deepfake scenario, it is critical that leadership responds quickly, ensuring that all relevant personnel are aware and engaged.
Technology Solutions and AI Integration
Across the public safety ecosystem, new tools are being introduced to help detect and deter spoofing, swatting, and other criminal abuses. AI is already delivering meaningful benefits within ECCs, but it is not a standalone solution for every situation.
Used correctly, AI acts as a force multiplier. During high-stress calls, AI-enabled applications can surface relevant information, identify anomalies, and suggest follow-up questions or observations.
For example, sentiment analysis and gesture recognition can help identify signs of distress, while IRI analysis can draw attention to background details that a telecommunicator might miss while focusing on the caller.
These insights are valuable, but they are not definitive. Public safety leaders are not advocating for AI to determine whether a call is legitimate on its own. A 9-1-1 telecommunicator’s experience, intuition, and the situational awareness gained from handling thousands of calls, remain irreplaceable.
Call handling software also provides practical defenses against spoofing, such as location verification tools that help confirm whether a caller’s reported location aligns with available data.
...AI-enabled applications can surface relevant information, identify anomalies, and suggest follow-up questions or observations.
Over time, these capabilities will continue to mature, but human oversight remains central to ensuring accuracy and accountability.
Building Organizational Resilience
If there is one consistent lesson across industries adopting disruptive technology, it is that training matters. Training early, often, and inclusively makes the greatest difference between successfully identifying falsified emergencies and accidentally neglecting a real crisis.
That said, technology and training alone are not enough.
Policy coordination plays a critical role in addressing AI-driven threats to 9-1-1 systems. But in many states, 9-1-1 governance is highly decentralized. Home rule structures allow counties or municipalities to make independent decisions, which can complicate efforts to implement consistent safeguards.
While national standards bodies such as the National Emergency Number Association (NENA) and the Association of Public-Safety Communications Officials (APCO) provide baseline guidance, how closely that guidance is followed varies.
Funding models further complicate the picture. When ECCs rely primarily on local funding rather than state-level support, implementing advanced defenses against false reports and spoofing becomes more challenging at scale.
One effective approach is the creation of state-level repositories for incident reporting. Encouraging ECCs to document and share spoofing events builds a collective knowledge base that benefits all jurisdictions. These repositories can inform best practices and highlight emerging patterns.
Peer coordination groups, such as statewide 9-1-1 professional associations, also play an important role. By bringing leaders together regularly, these groups enable shared learning and collective problem-solving.
At the federal level, resources from organizations such as SAFECOM and the Cybersecurity and Infrastructure Security Agency (CISA) (whose aegis SAFECOM is under), provide guidance on cybersecurity practices and data hygiene.
White papers, webinars, and conferences remain valuable channels for distributing this information and helping ECCs stay informed.
Preparing for What Comes Next
Threats to 9-1-1 systems are evolving, and defenses must evolve with them. While technology continues to advance, effective response is still grounded in human expertise, organizational trust, and continuous learning.
For ECC managers, the path forward is clear: involve people early; train consistently; use technology thoughtfully; maintain human oversight; and foster collaboration across agencies and jurisdictions.