Hacked sirens should serve as warning that better infrastructure security is needed

Dallas breach shows that government and city systems nationwide must be more closely monitored against emerging threats


It’s tempting to ignore the warning sirens that blared Dallas out of bed last Saturday night, the work of a hacker. But that would be a very serious mistake.

Bob Sullivan, journalist and one of the founding members of msnbc.com

We hear so much about the importance of securing America’s critical infrastructure systems. Then you find out that the company responsible for maintaining the Dallas outdoor warning siren network also is an office furniture moving company.


In case you missed it, outdoor sirens in Dallas screeched continuously the night of April 4, harassing many of the city residents with the ultimate false alarm. The incident was initially believed to be a malfunction, but by Sunday city officials conceded it was a hack.

The sirens are supposed to warn residents about immediate danger, like tornadoes. They did their job. America just received perhaps the clearest warning ever that our essential services are comically easy to attack, putting our citizens in serious peril. Will we listen, or just go back to sleep?

Big problem no matter the source

No one died Sunday morning. There was no blood, so there weren’t any dramatic pictures. But there will be. It doesn’t take much imagination to see how easily this hacker prank (or, was it a test?) could have gone very wrong. For starters, it served as a denial of service attack on the city’s 911 system, which was overwhelmed with calls.

More than 4,400 911 calls were received from 11:30 p.m. to 3 a.m., the city said. About 800 came right after midnight, causing wait times of six minutes. As far as we know, no one died because of this. But that could have happened.

But that’s only the tip of the iceberg. Security experts I’ve chatted with have warned for years of a hybrid attack that could easily cause panic in a big city. Imagine if this hack had been combined with a couple of convincing fake news stories suggesting there was an ongoing chemical attack on Dallas.

Without firing a shot, you could easily see real catastrophes. Take it a step further, and combine it with some kind of physical attack, and you have a serious, long-lasting incident on your hands. Death, followed by massive confusion, then panic, then a bunch of sitting ducks stuck in traffic.

Playing the “what if” game sometimes leads to exaggeration. But it is called for when someone is about to ignore a warning sign. So I asked security consultant Jeff Bardin of Treadstone 71 to tell me why the Dallas incident should be taken seriously.

Potential catastrophe

For one, it could have been a diversionary tactic.

“Testing the emergency systems, getting to a ‘cry wolf’ state of affairs, getting authorities into a full state of chaos and confusion while hacking and penetrating something else. Kansas City shuffle,” he said. “This looks to me to be a test of the systems. It could also be more than a test, meaning what was hacked during this fake emergency?”

Dallas has been hit by “prank” hacks before. Last year, traffic signs were hijacked to display funny messages like “Work is Canceled — Go Back Home.” Very funny. But this means we know the city’s systems are being actively probed. Any intelligent person has to consider what other systems this person or gang has toyed with. And, more important, what other cities have they toyed with.

“If I, as a hacker, can control the emergency systems, alarms, building security, HVAC, traffic lights, first responder system, medical facility interfaces, law enforcement, etc., all the normal physical systems that now have internet interfaces, I can control the whole of the city,” Bardin said. “What else was penetrated during this ‘test?’ How many other major cities in the U.S. operate the same way? What was injected into these systems during the test for later access?”

Hopefully, the Dallas siren hacker is a kid who found flaws in a very old, insecure system and had some fun for a night, Bardin said. Perhaps it was someone trying to “prove a point,” though in a careless, dangerous way that did put lives in danger.

Back to business as usual?

Point not made. Life is full of disasters averted, then ignored. The planes that almost collided. The car accident narrowly averted. The key that was lost but is found.

It’s 48 hours after a major U.S. city had its sirens blaring all night long. Are you hearing about federal investigations? Are you hearing about executive orders around critical infrastructure? (You did. But then, you didn’t.)

As for the furniture-moving company behind the sirens, it’s probably unfair to blame them. The Dallas Morning News reported that Michigan-based West Shore Services was in charge of maintaining the system.

But the biggest question of all: Will anyone hear this warning siren? Or will we all go back to sleep, like Dallas did?

Dallas Mayor Mike Rawlings seemed to get it, and called for serious investment in the wake of the attack.

“This is yet another serious example of the need for us to upgrade and better safeguard our city’s technology infrastructure,” he wrote on his Facebook page. “It’s a costly proposition, which is why every dollar of taxpayer money must be spent with critical needs such as this in mind. Making the necessary improvements is imperative for the safety of our citizens.”

Let’s hope someone listens, and those sirens are heard far outside Texas.
