Lack of Encryption Causes Dallas Emergency Siren Hack

The city’s sirens were hacked through radio frequencies, not a computer network.

Dallas city officials confirmed on Monday that a lack of encryption of the signal transmitted to 156 warning sirens led to the hack that kept Dallas residents awake late Friday and early Saturday.

City spokesperson Sana Syed told ABC affiliate WFAA-TV that city personnel had not set the system to use an encrypted signal before the sirens were activated. The sirens triggered intermittent false alarms for about an hour and a half until officials deactivated the system early Saturday morning.

RELATED: Your Emergency Notification Cheat Sheet

All of the 156 sirens Dallas uses to alert residents to take shelter from inclement weather went off starting at 11:42 p.m. Friday. City officials first attributed the incident a “system malfunction.”

The sirens went through about 15 cycles of a 90-second siren activation, Rocky Vaz, who heads the city’s Office of Emergency Management, said at a news conference.

“We shut it down as quickly as we could, taking into consideration all of the precautions and protocols we had to take to make sure that we were not compromising our 156-siren system,” he said.

Dallas City Manager T.C. Broadnax told reporters Monday the hack was accessed through the use of radio frequencies, and not remotely through computer software.

“The issue was with how we transmitted our information, and we’ve worked to close those gaps,” Broadnax said. “The issue was with how we transmitted our information and we’ve worked to close those gaps.”

On Monday, the Dallas office of emergency management said in a YouTube video that the system was fully operational.

This article originally ran in CS’ sister publication, Security Sales & Integration.

Get Our Newsletters
Campus Safety Online Summit Promo Campus Safety HQ