Approaching midnight on a seemingly normal Friday night in Dallas, Texas, when the city’s emergency sirens start to sound. Too early for tornado season, the confused citizens begin to panic, many jump to horrifying conclusions after a week of news that included North Korean missile testing and use of chemical weapons in Syria. Living in this climate of fear, the city’s residents overwhelm the 911 emergency response phone line. There was no terror attack however, no extreme weather, no dangerous emergency at all.
At 11:40pm on April 7th, two weeks ago, hackers took control of all 156 emergency sirens in the north Texas city. Taken by surprise, city officials had to first confirm there was no real emergency but even then they were unable to turn off the system. The continuous nature of the cyber-attack meant that the sirens were only shut down after one hour and forty minutes of noisy confusion, raising important questions about smart city vulnerability.
“Every time we thought we had turned it off, the sirens would sound again, because whoever was hacking us was continuously hacking us,” said Sana Syed, a spokeswoman for the city, said in a telephone interview. Syed noting that the sound of the sirens, usually meant to alert the public to severe weather or other emergencies, was interpreted by some as a warning sign of a “bomb or something, a missile.”
The emergency siren system was offline until Sunday and officials claim to have pinpointed the origin of the attack to the metropolitan district. “We do believe it came from the Dallas area because of the proximity to our signal you need to have in order to pull it off,” Ms. Syed said. While causing no real damage, the authorities have signalled their strong intentions to catch and punish those responsible.
“Last night’s hack was an attack on our emergency notification system. We will work to identify and prosecute those responsible,” Dallas City Mayor Mike Rawlings said on his official Facebook page. “This is yet another serious example of the need for us to upgrade and better safeguard our city’s technology infrastructure,” he added.
Many experts believe this was a white-hat hack however. An attack intended to highlight potential security problems rather than actually disrupt the citizens of the city. The timing’s limited economic impact seems to support that theory, but white-hat or not the hack is a timely warning of the increasing vulnerabilities brought about by Dallas’ smart city developments.
Dallas has been slowly introducing smart technology over the last decade for a variety of safety, efficiency and environmental initiatives. It was one of three cities that adopted an AT&T smart city framework in early 2016. It launched its smart city ‘living lab’ on March 27th this year, and will host city authorities, academia, nonprofits and others from around the state for the first state-wide smart city initiative on April 20-21st in conjunction with Earth Day Texas.
The timing of the attack could very well be to highlight smart city vulnerabilities during these discussions, and while it might not save the proponents from prosecution, it is likely to serve its purpose. The smart city is all about connectivity, by introducing internet of things (IoT) devices across the urban area, all connected to central system, you inevitably increase the number of attack points. The recent attack appears to be white-hat because the impact of setting off sirens is limited; many more vital smart systems have similar vulnerabilities.
Attacks could disrupt the very heart of urban society; knocking out power, contaminating water, gridlocking road systems or backing up waste. While physical security systems, discussed in depth in our recent report The Physical Security Business, directly impact personal safety if accessible by terrorists or criminals.
Major cyber physical attacks have occurred around the world in recent years. Ukraine’s power grid was hit in December 2015 and 2016 amidst the conflict with Russian rebels in the east of the country. Israel and Turkey also experienced significant outages due to hacks on their increasingly smart grids. And IoT devices at the center of the biggest cyber attack in history that brought down several of the internet’s biggest sites using a DDoS assault last October.
Dallas officials declined to give specific details about the nature of the breach, citing security reasons. No doubt they prefer not to provide information on their vulnerabilities before they’ve solved them. There is also little doubt that the recent attack, whatever its intentions, will increase urgency for finding those solutions in Dallas and smart cities around the world.