The Dallas Emergency Alert System was hacked last Friday evening. Around 11:40pm all 156 emergency sirens were activated, setting off a bit of confusion among residents. It seems that the hackers activated the system more than 60 times, sending a roaring alarm sound throughout the city during the late evening hours. Dallas Mayor Mike Rawlings has promised a full investigation, tweeting that the hack “was an attack on our emergency notification system. We will work to identify and prosecute.”
Motive to hack the Dallas emergency alert system?
So you have to wonder after seeing the Dallas siren system get hacked, what was the motive behind this type of attack? Motive is always an interesting topic when it comes to cyber-attacks. Whether you are dealing with malicious nation states or script kiddies, motive can influence behaviors that are unexpected. Why would someone want to break into the Dallas Emergency Management System? Was it someone local just exploiting a vulnerability, or was this a deeper issue?
The second part of motive is not the why, but the how. How did the hackers hack into the Dallas alert notification system? Why was the emergency notification system available for any type of remote access, and who had authorized access to that system? It makes you wonder about several other questions of infrastructure, not only in the city of Dallas, but in cities across the world. We rely so much on technology, and sometimes the obvious is overlooked, like leaving default admin account credentials on public facing systems. Some of these basic cyber security practices are often overlooked especially in unregulated environments. What we should all realize in this day and age is that no system is safe from a breach.
Is trust with Dallas residents broken?
A few years ago, I was traveling through Newark airport in NJ. All of a sudden, the airport alarm system starting going off. I looked around as everyone just paused for a second and looked at each other. Then a few seconds later, it was business as usual and the alarm became an annoyance. I ran up to a TSA officer and asked what was going on, but they didn’t know. I then asked if they could find out why the alarm was going off and what we should do, but they simply said that they don’t know who to ask. Well, that’s just great!
The alarm at Newark airport wound up being activated by mistake. So what does this all mean? I am sure you have experienced several false alarms in your life. We have almost become immune to them. Typically, our first reaction is to consider it as a “false alarm.” Think about when you hear an alarm. Are you actually alarmed by it anymore? We have become immune to alarms as part of our culture because when we hear them, they are frequently tripped by mistake. So, the next time the city of Dallas hears an alarm go off, do you believe the residents will have complete trust in the process? The city will have to build back this trust with their residents and reassure the system will function as designed.
The boy who cried wolf is not an unfamiliar experience in these types of situations. The most important lesson we should learn from this experience is to take a step back and understand the most critical systems we trust in our day to day lives. Investing in a protection plan for those systems, whether they are alarms, communications, electric, water, or any other technology that people rely on, is a priority. Understanding how the technology we trust daily affects the lives of others is something that our communities can all appreciate protecting.