If you've ever witnessed an emergency siren test, you know how terrifying these things are: engineered to be bowel-looseningly urgent, to pierce through any sense that it's probably just a misfire, to motivate you to drop everything and rush for the emergency shelters, equally useful for tornadoes and incoming ICBMs.
So when a hacker set off all 156 of these sirens more than a dozen times between 11:30PM on Saturday and 3AM on Sunday, it threw the city into chaos, sparking 4,400 911 calls.
Any bets on how it was done? Is the system built on Windows 2000, running thousands of known, unpatchable vulnerabilities? Was it hooked up to modern unpatchable no-name IoT gadgets? Was the password set to 00000000? Or did a helpful security consultant decree that passwords be changed once a month, thus guaranteeing that they'd be memorable and written down on post-its stuck to every terminal?
Maybe all of the above.
City officials have discovered how the system was compromised and are working to keep it from happening again—as of around noon on Saturday, the system had apparently been reactivated, and the city was working to implement "more safeguards" over the weekend. They aren't disclosing how the system was compromised or who may be responsible, but Dallas Office of Emergency Management directory Rocky Vaz told the Dallas Morning News that it was likely "someone outside our system" but still in the Dallas area.
Hackers set off Dallas’ 156 emergency sirens over a dozen times
[Andrew Cunningham/Ars Technica]
(Image: Ben Franske, CC-BY-SA)
Wired security reporter Andy Greenberg's latest book is Sandworm (previously), a true-life technothriller that tells the stories of the cybersecurity experts who analyzed and attributed as series of ghastly cyberwar attacks that brought down parts of the Ukrainian power grid, and then escaped the attackers' control and spread all over the world.
Daniel Moghimi, Berk Sunar, Thomas Eisenbarth and Nadia Heninger have published TPM-FAIL: TPM meets Timing and Lattice Attacks, their Usenix security paper, which reveals a pair of timing attacks against trusted computing chips ("Trusted Computing Modules" or TPMs), the widely deployed cryptographic co-processors used for a variety of mission-critical secure computing tasks, from verifying software […]
The privacy-focused web browser Brave has finally launched a 1.0 version, bringing it officially out of beta.
Does your computer gear need an upgrade? Don’t cross your fingers and wait for Christmas. You can get 15% off the final sale price of all these essential accessories now by using the online code BFSAVE15, including gaming mice and computer desks. Wireless Charging Mouse Pad Talk about a space saver. This high-quality mouse pad […]
WordPress is a fantastic tool for building web pages – if you know how to use it. Even with all the accessibility, a lot of the deeper features of WordPress are lost in translation to the average user. Enter WP Page Builder, a tool that not only makes WordPress site design easy but also more […]
In this age of ever-shrinking gadgets, it bears reminding that sometimes bigger is actually better. And if you care about audio quality, we can’t think of a better example of this principle than these TREBLAB Z2 Bluetooth 5.0 Noise-Cancelling Headphones. We know tiny Bluetooth earbuds are all the rage right now. But their battery life […]