The city of Dallas, Texas believes computer hackers are responsible for setting off its emergency sirens more than a dozen times in just a few hours.
Dallas authorities say the city’s 156 sirens began blaring shortly before midnight on 7 April. Fire-Rescue crews tried to fix the problem, but after the sirens sounded more than a dozen times, they had no choice but to disable the emergency system at around 1:20 a.m.
The Office of Emergency Management (OEM) sent out a public statement via Twitter explaining the siren system had experienced an issue and urging people to not call 911.
System malfunction with City of Dallas siren system. Crews working to fix. No emergency. Please do NOT call 911. Thank you.
— City of Dallas Office of Emergency Management (@DallasOEM) April 8, 2017
But many people didn’t listen.
Before 3:00 a.m. on 8 April, the city’s emergency services received 4,400 calls – twice the number residents normally place between 11:30 p.m. and 7:00 a.m.
Those calls swamped an already compromised 911 system, driving up the average wait time from 10 seconds to six minutes.
City spokeswoman Sana Syed is sympathetic with people having been concerned. As she told Dallas News:
“We understand that people were concerned. We had people asking if we were being attacked because of what’s going on overseas.”
It took Dallas authorities several hours to fix the issue. At around 9:00 p.m. on 8 April, authorities reactivated the system.
@CityOfDallas outdoor warning siren system now operational. More safeguards being put in place this wknd. More info tomorrow. @DallasOEM
— Dr. Sana Syed (@SanaSyedKI) April 9, 2017
The city of Dallas is convinced someone outside its system compromised the sirens. They know how they did it, and they’re working to prevent it from happening again. As of this writing, authorities don’t know was behind the issue. But given the vulnerability of emergency systems to hackers, Mayor Mike Rawlings told Dallas News he’s determined to find out:
“This is yet another serious example of the need for us to upgrade and better safeguard our city’s technology infrastructure. It’s a costly proposition, which is why every dollar of taxpayer money must be spent with critical needs such as this in mind. Making the necessary improvements is imperative for the safety of our citizens.”
Attribution could prove to be a challenge. But you never know. The responsible party could have slipped up and made some damning mistakes that will lead law enforcement straight to their doorstep. Let’s hope that’s the case.
I think I'd be careful in how I describe this event. Arguably a "hack", although likely not a cyber attack, per se. I might be picking nits here, but when I saw that the FCC was the agency investigating this, I came to the conclusion that the actor is most likely someone who spoofed the activation codes and transmitted into the radio system that activates the sirens. Keep in mind that warning sirens are generally tested once a month. It is relatively trivial to determine what frequency is being used to transmit the codes. Anyone with a decent scanner could probably pick those up and someone with some amateur radio knowledge likely has the equipment to record and decode the signal (assuming that it was not encrypted). Playing back the signal requires knowledge of the radio system and a transmitter at the right frequency. I'm not suggesting that a ham radio operator, per se, is responsible, but the equipment and knowledge is generally available. Since Dallas indicates that they have "fixed" the issue, I suspect that the signal wasn't encrypted or secured previously — and it is now.
It's not uncommon for someone to buy a radio on eBay and set about sending rogue transmissions into public safety radio systems. Thus it wouldn't be a far stretch for someone to obtain the appropriate equipment to do this in the same manner.
From publicly available documents, it appears that the warning siren system is relatively new, so this wasn't a trivial hack of an ancient system. Someone needed to understand the technology and have the means to transmit the signal. http://www3.dallascityhall.com/committee_briefings/briefings0809/PS_Outdoor_Warning_Siren_081709.pdf
Nailed it. They've stated that the person who did this had to be in proximity to the system and probably had knowledge of the city's gear required to pull this off. The system communication was unencrypted and now is.
https://www.dallasnews.com/news/news/2017/04/10/hacker-broadcast-signal-triggered-dallas-emergency-sirens-friday-night
Also, this is not the first time this sort of thing has happened. Happened in Illinois in 2012.