Phone cyberattack shuts down Mpls. teen crisis line for a day

Hundreds of computer-generated phone calls forced a Minneapolis crisis center to shut down its teen hot line this week, part of a growing number of cyberattacks aimed at extorting money from agencies that stand to lose the most when their phones are down.

The first such attack known in Minnesota, it forced the Bridge for Youth to shut down its teen crisis line Tuesday and switch to a different number.

The agency turned its regular hot line back on at 3 p.m. Wednesday. While the flood of calls had stopped, the incident left employees shaken.

"The bottom line from all of this was that our youth weren't able to get through, and we weren't able to conduct our business," said Joan Country­man, the organization's emergency services program manager.

In what's known as a "telephony denial of service" scam, attackers use the Internet to jam phone lines with constant calls from randomly generated numbers. Attacks have happened across the country, often targeting places where phone service is crucial, like hospitals and emergency call centers.

Massoud Amin, a University of Minnesota professor and director of the Technological Leadership Institute, said these attacks are increasing and relatively easy to orchestrate. Attackers just need a good power supply and one or more computers to call a number repeatedly and overload a telephone network.

The circumstances of the attack were much like those reported elsewhere.

The Department of Homeland Security and FBI sent out an alert about them a year ago.

"The caller usually has a strong accent of some sort and asks to speak with a current or former employee concerning an outstanding debt," the alert said. If the caller doesn't get payment, the attack is launched.

At the Bridge for Youth, the attack started with a few calls Monday evening from someone asking to be transferred to a specific employee. At 8 a.m. Tuesday, calls started coming in on every line.

Countryman said the calls were sometimes dead air and other times a man with an accent who demanded a number of things, from credit card numbers to money transfers to $525. Each time, he gave a deadline — usually one to five minutes.

In the attacks described in the Homeland Security alert, though, the caller asked for $5,000 — much more than in the Bridge for Youth incident.

Janet Hallaway, communications manager at the Bridge for Youth, said she thinks the relatively low price could've been part of the caller's strategy.

"I think there was a moment when we thought, 'Gee, it'd be a lot easier to pay the $525 and be done with this,' " she said.

On a typical day, between two and five operators run the Bridge for Youth's crisis hot line, which gets about 4,000 calls annually from teenagers experiencing everything from homelessness to abuse to sex trafficking.

The immediate crisis is over for the Uptown Minneapolis organization, but it's unclear whether officials will be able to find the attacker.

FBI spokesman Kyle Loven said because these attackers use automated dialing systems, it can be difficult to track down where the calls are coming from.

"Caller ID spoofing," or making a number that is not the real source of a call appear on a caller ID, is illegal.

Loven said he couldn't comment on this specific incident but said victims of these attacks should try to collect as much information about the attack as possible, including time of day and how often the calls come in.

Amin said these attacks, which often center on what he described as "bullying and harassment," represent an unfortunate side of technology.

"There is an opportunity to benefit society by advanced science and technology," he said. "But there's always a risk that a very small percentage of folks out there are going to abuse that."

Emma Nelson is a University of Minnesota student reporter on assignment for the Star Tribune.