Hack of Dallas emergency sirens prompts more warnings to bolster cybersecurity

Credit to Author: Matt Hamblen| Date: Mon, 10 Apr 2017 09:39:00 -0700

Dallas emergency management officials continue to investigate a hack that activated all 156 emergency tornado sirens citywide for about 90 minutes early Saturday.

The city declared the sirens were activated Friday night in a hack that officials believe came from the Dallas area.

The event was a warning that businesses and organizations, including cities and emergency operations centers, need to guard against similar breaches, whether they may come from disgruntled employees, hackers trying to pull a stunt, or a more nefarious group working for an enemy state, analysts said.

The sirens blared for about 90 minutes, ending about 1:17 a.m. Saturday, after scaring residents and alarming officials. The city’s 911 system was deluged with calls, double the normal number.

All 156 sirens were activated for their full cycle of 90 seconds about 15 times, said Rocky Vaz, director of the city’s Office of Emergency Management.

The system was eventually disabled. “There was something wrong beyond what we were able to manage remotely or even coming in to the EOC (Emergency Operations Center),” Vaz told reporters on Saturday.

The city determined that none of the city’s control systems and remote log-ins were involved in the false activation, Vaz said.

In November, West Shore Services of Allendale, Mich., won a $567,368 contract to maintain and repair the city’s emergency sirens over the next six years, according to the Dallas News. West Shore could not be reached for comment.

Dallas has about 1.5 million residents, and there are 7 million residents in the wider Dallas-Fort Worth area.

If remote log-ins weren’t the pathway for the hack, then it is more likely a hacker inserted malware into the emergency control software, possibly days or weeks in advance of the Saturday event, analysts said.

“Likely it’s someone who planted a piece of code in the system and that was highly likely to have been done in the past due to a hack that was probably done remotely,” said Jack Gold, an analyst at J. Gold Associates.

Gold said it was not surprising the hack occurred given that government systems in general are the least secured.

“The battle against hacking is an ongoing one that is never finished,” Gold said. “All entities, government or otherwise, have to continually monitor and assess their security mechanisms against emerging threats. Many don’t…It has to be a continuous fight. This is not a simple problem for anyone to solve.”

http://www.computerworld.com/category/security/index.rss