What a Racket! 156 Dallas Emergency Sirens Hacked

Imagine that you are relaxing at home on a Friday night. It's around 11:30 p.m. and you are deciding whether to go to bed or stay up to watch a movie. While deciding what to watch you gently fall asleep with remote in hand, just to be woken up a cacophony of emergency sirens. Is there a tornado? Some sort of natural disaster?

You call 911 - along with 4,000 other concerned citizens - just to find out there is no emergency. Even so, a siren blares every 90 seconds... for the next hour and a half. So much for your tranquil Friday evening.

This exact scenario took place in Dallas, Texas in mid-April 2017. The cause of the alarm wasn't an emergency or even a technical failure, it was hackers. And while the attackers have not been discovered, it did reveal the flaws in our digital infrastructure.

Of course, cybersecurity risks don't just affect public services, businesses are also in danger of being hacked. Improve your chances of overcoming a cyberattack with CyberPolicy!

The Siren Song
Surprisingly, Dallas' rude awakening by 156 screaming sirens wasn't due to a software security flaw, but rather an outdated and flawed radio communication system.

Dallas City Manager T.C. Broadnax says the radio signal was spoofed by hackers and measures have been taken to prevent the incident from happening again (although he did not reveal what those measures were, fearing that it could inspire copycats).

Reporters to TechCrunch speculate that the hackers may have recorded the siren commands during a system test or actual tornado, then played them back to launch the attack. Another idea is that the assailants played a number of command signals in hopes of setting off the alarms; something which is not dissimilar to a brute force attack to crack passwords.

Still, the Dallas attack isn't the only time our infrastructure has been hacked. In 2016, a small New York dam was incurred by seven Iranian computer hackers. In Arizona, one novice cybercriminal launched a distributed denial-of-service attack against 9-1-1, resulting in flood of bogus phone calls. In lighter news, electronic road signs are regularly compromised to display silly messages including \"Zombies! Run!\" or \"Hackers Rule.\"

Thankfully, incidents like these are typically part of a prank or are meant to stress test security flaws (as in the case of Iran's dam hack). But that's not to say that tragedy is an impossible dream. In fact, many experts believe it's only a matter of time until our vulnerabilities are exposed and exploited.

Learning the Easy Way
Don't wait until it's too late. Find a way to stymie cyberattacks against your business. Common steps to improve your security include:

  • Improving password protocols to prevent prevent data breach.
  • Hiring an external IT team to monitor your network.
  • Installing a network firewall to block unauthorized users from accessing your data.
  • Hosting regular cybersecurity training sessions to keep your team abreast of digital threats.
  • Employing DDoS mitigation techniques to redirect or sinkhole malicious traffic requests.

And finally, investing in data breach insurance from CyberPolicy. Interested in learning more about cybersecurity insurance? Get your free quote today!

© 2016-2020 CyberPolicy, Inc. All rights reserved. CyberPolicy®, "Plan. Prevent. Insure."™, and "CyberCheckup"™ are trademarks of CyberPolicy, Inc.
DBA: CyberPolicy Insurance Solutions CA License No. 0L13180
DBA: CoverHound Insurance Solutions CA License No. 0H52375