How did hackers set off 156 tornado sirens in Dallas, Texas Friday night? Here’s an educated guess. They are usually activated by a radio signal sending a dual-tone multi-frequency signaling (DTMF) tone. Here’s what that looks and sounds like, from a video uploaded on Nov 6, 2011.
This was recently shared on Reddit. Oops. Problem is, you can hear what tones are playing (and thus what the numbers are they are sending to activate the alarms). Others could find a different means to figure it out what numbers are dialed in this video. The numbers do seem to be the “on” the signal. There is more to it, obviously, and even if we knew how the sirens receive their radio signals, we wouldn’t want to risk someone waking up the whole city of Dallas again, or some other city. See:
“It all comes from American Signal. They set all this up for us. … when we activate it here, it sets them all off… we sent the signal from the remote… the old one is controlled by a telephone line … it’s being updated to the same system with the radio and all that.”
American Signal also creates military mass notification systems and systems for nuclear facilities. Their website says:
Our product solutions and installations are designed to meet or exceed the United Facilities Code (UFC) 4-021-01
One model could be activated by ethernet, satellite, radio, cellular or land line. They can broadcast pre-recorded voice messages. Sounds like a city wide school PA system.
UFC 4.21.1 calls for a secure personal computer based central control unit, so I can see why some officials might’ve been really spooked by this.
Tip: Change default passwords, use long hard to guess passwords, and protect your passwords. Please don’t post them publicly on YouTube.
I’d be willing to bet that most of the supposedly “sophisticated scary dangerous terrorist” hackers we hear about in the news are just guessing correctly because people use default or simple passwords.
I’m not saying that’s the case here, but that’s how Gary McKinnon, that UFO hacker, said he got into major systems at NASA and then supposedly saw an extraterrestrial craft.
Here’s the story:
Dallas’ 156 sirens, normally used to warn of tornadoes and other dangerous weather, were triggered at 11:42 p.m. CDT on Friday. The wailing did not end until 1:17 a.m. CDT on Saturday when engineers manually shut down the sirens’ radio system and repeaters, city Emergency Management Director Rocky Vaz said.
“At this point, we can tell you with a good deal of confidence that this was somebody outside of our system that got in there and activated our sirens,” he told reporters.
… Turning the sirens off took nearly two hours, triggering more than 4,400 calls to the city’s overtaxed 911 system. Many of those calls were reportedly from residents concerned that the sirens signaled a violent attack. …
In a Facebook post following the attack, Dallas Mayor Mike Rawlings described the incident as “another serious example of the need for us to upgrade and better safeguard our city’s technology infrastructure.”
Last November, the Dallas City Council allocated $567,368 to upgrade the emergency sirens, which primarily serve to warn residents of the thunderstorms and tornadoes that regularly sweep through North Texas during the spring.
City Council member Philip Kingston told the Dallas Morning News that he was “terrified” by the implications of the hack, and that increasing the cybersecurity of the siren system should move to the top of a long list of needed safety upgrades. Speaking to the New York Times, a spokesperson said the hack likely originated in the Dallas area. The city has asked the Federal Communications Commission to help with the difficult task of identifying a culprit.
… City spokeswoman Sana Syed said officials believe the hack came from the Dallas area. Vaz said city officials have asked the Federal Communications Commission for help in determining who was behind the hack. He said police were not involved yet.
“We can’t talk a whole lot about the hack itself, because obviously we don’t want this to happen again,” Syed said.
When is the last time you updated your own passwords?