Hackers set off 156 tornado warning sirens in Dallas

Posted Apr 10, 2017 by James Walker
Hackers set off all of Dallas' emergency warning sirens in a weekend cyberattack. The large sirens blared out for over an hour at midnight on Friday, continuing into early Saturday morning. Eventually, city officials took the entire network offline.
Thomas Samson, AFP/File
Dallas is one of many U.S. cities with a grid of sirens used to alert residents to impending environmental threats. They are activated during hurricane and tornado season to ensure citizens aren't caught unawares outdoors or in an unprotected area.
At 23:42 local time on Friday night, Dallas' 156 sirens were simultaneously triggered, blaring out over the city as residents slept. Footage uploaded to social media sites by people woken up by the warnings shows how loud the resulting cacophony was. The city lay eerily motionless as the sirens rang out in all directions.
The incident was given a mixed response by residents. Attitudes ranged from amusement through to genuine fear. The city's 911 call centre handled over twice as many calls during the period as on a typical Saturday night.
While the cause of the disturbance wasn't initially clear, city officials have since confirmed the sirens were triggered by a cyberattack. When it became apparent the perpetrator wasn't going to back down, Dallas' Office of Emergency Management began the process of shutting down the warning network on Saturday morning. By 01:17, the sirens were disabled and engineers could be diverted to identifying the cause of the intrusion.
Dallas officials are now aware of how the siren system was hacked. The city is installing additional safeguards to prevent a similar attack occurring again. The FCC has been contacted with a request for help in identifying the people responsible for the incident.
"We can state at this time that the City's siren system was hacked Friday night," said a City of Dallas representative. "For security reasons, we cannot discuss the details of how this was done, but we do believe that the hack came from the Dallas area. We have notified the FCC for assistance in identifying the source of this hack."
The attack follows a spate of similar hacks targeting city infrastructure that hit Dallas last year. Electronic traffic and construction signs were hijacked to display messages related to the U.S. presidential election and other topical news stories of the period. It is unclear if the same person or group of people was behind Friday night's siren attack.
The two events do now appear to be unrelated but this has not been confirmed. In a news conference over the weekend, Dallas officials ruled out a remote hack as the cause of the siren incident. It seems as though the perpetrator acquired physical access to the network hub linking the sirens together. The city is now trying to piece together who was responsible and how the rest of the attack played out.
The siren network is now being prepared for reactivation. Residents have been warned that the network may blare out again when it is turned back on. City officials warned citizens not to continue calling emergency helplines if the sirens sound again. Official alerts will be provided on Facebook or Twitter before the system is tested to ensure people are aware there's no danger.