Dallas Sirens

Arooutdoorwarningsirenund 11:45 PM night of April 7, 2017, the outdoor weather warning sirens began sounding around Dallas. It was a clear night, with no severe weather for hundreds of miles. Confused citizens called 911 to report or ask about the sirens, clogging lines and leading to
wait times exceeding six minutes. Others (like myself) called police dispatch lines and were told that nobody knew what was happening. Local news and the city were silent on all media channels – TV, web, Twitter, email, the Amber Alert system. The only sound we heard were the sirens, off and on for over an hour.

By the morning, it was reported that persons unknown had hacked into the warning system and activated the sirens. They had to be disabled manually by fire crews and would be unavailable for a few days while they investigated, updated and re-enabled the system. Thankfully, there was no severe weather predicted for this time.

A few possible explanations come to mind for this hack. First, it could be simple mischief.  Someone figured out how to remotely activate the sirens and thought it would be funny to wake up the city. Second, a criminal enterprise might want to use the sirens as cover for an attack or crime. Third, a malicious state actor might want to test our emergency response before initiating an invasion or attack (think Red Dawn).

Mischief seems the most likely, simply because the sirens went off and nothing else happened. This kind of hack can only be used once. By the time the sirens are re-activated, this attack vector will be closed. Using it changes the future response, making it unsuitable as an evaluation of the city’s emergency preparedness. If the sirens were to sound again, it is much less likely that people will call 911 and block the lines. The police and fire departments will be ready, and hopefully the communication system of the City of Dallas will be faster to respond. If a bad actor wanted to use this as cover, they would have already carried out their plan.

I believe this incident was a prank and not a cause of grave concern. The response to it, however, was a bit troubling. The sirens exposed a gap in the City of Dallas communications strategy. The rapid response of our local news organizations was no better. The first notification, from the Dallas Morning News, came more than 45 minutes after the sirens started. Other organizations started posting after that, and the City of Dallas was one of the last to notify the public. If nothing else, a general “we are aware, nothing to fear, please stop calling 911” would have helped. I urge all of them to review their plans and work to the people of Dallas safe and informed.

The continued integration of technology and the Internet into our systems and lives open new avenues for hacks and attacks every day. Technologists need to remain vigilant and cautious when designing systems, doing their best to ensure security. Users of technology should continuously question whether a system needs to be on the Internet and remotely accessible. While convenient, some things might be better left to on-site access and local control. The cost of an attack on an exposed system can be very high. In this case, it appears to have just cost us some sleep, and for that we can all be grateful.

Author: Kevin Hickey

I have been a professional software engineer for over fifteen years. I currently work at Intuit as an architect. I have written bootloaders, ported the Linux kernel and Android to new platforms, written CPU diagnostics, developed control software for CPU manufacturing and worked on enterprise web sites. As both a developer and program manager I have been helping software organizations become more agile for over a decade. I am passionate about helping teams deliver world-class software solutions to interesting problems. My current focus is on pragmatic agility for the enterprise. When I’m not behind a keyboard I enjoy spending time with my wonderful wife Amanda, rock climbing and hanging out with my dog Tex. In the summer you can find me in my pool or climbing something. In the winter I count the days until summer returns to Texas (I never have to count too long).

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s