A cyber-attack set off all the emergency sirens in Dallas, Texas, for a spell of around 90 minutes on Friday night.
As reported by Reuters, the attack successfully triggered 156 sirens, normally used to warn of dangerous weather conditions such as tornadoes, at 11.42 p.m. CDT. It took engineers until 1:17 a.m. on Saturday to manually shut down the sirens’ radio system and repeaters.
“At this point, we can tell you with a good deal of confidence that this was somebody outside of our system that got in there and activated our sirens,” emergency management director Rocky Vaztold told reporters.
It is estimated that the hack was among the largest to impact emergency sirens and whilst the exact details of the attack are currently under investigation Itay Glick, CEO of Votiro, expressed the view that it was probably carried out by an activist or hacker wanting to create chaos.
“This shows that our infrastructure is extremely vulnerable to attacks,” he said. “As it is not yet known how exactly this hack happened, it could have come from an insider threat, a hack of the communication channel of the alert system, or a remote hack using a spear phishing attack.”
Glick added that automated emergency systems such as those targeted in this breach are extremely problematic as they may have failed safety mechanisms in place in order to trigger their operation automatically.
“As it took a lot of time to turn off the alert, I would believe that somebody likely found a way to signal a fake tornado. I believe that security and encryption should be applied in all data channels, whether it is through the internal network, and the less addressed, emergency network for the sirens. It is also important to protect IT infrastructure (such as email) in order to prevent remote attacks on the system, specifically with zero-day exploits, that can be prevented by Content disarm and reconstruction technology.”