Hacked tornado sirens taken offline in two Texas cities ahead of major storm

City officials took hacked tornado sirens offline ahead of major storm. Luckily, they weren't needed.
Written by Catalin Cimpanu, Contributor

A hacker set off the tornado emergency sirens in the middle of the night last week across two North Texas towns. Following the unauthorized intrusion, city authorities had to shut down their emergency warning system a day before major storms and potential tornados were set to hit the area.

The incident impacted DeSoto and Lancaster, two cities in Dallas County, Texas --both suburbs located south of the main Dallas metropolitan area.

On the night of March 12, between 02:30 and 04:00 AM (local time), a hacker set off the two cities' tornado sirens, waking locals in the middle of the night.

Over 30 sirens went on and off, with 10 in DeSoto and 20 in Lancaster.

Some residents also reported alarms going off in the nearby suburbs of Red Oak, Cedar Hill, and Glenn Heights, but the incidents didn't affect the entire cities, and sirens didn't blare for hours.

The false alarm caused quite the panic in the two towns, as locals were already on the edge of their seats regarding incoming storms. The city had run tests of the tornado alarm sirens a week before, but the tests were set during the middle of the day and had long concluded.

It was a hack

According to CBS Dallas, DeSoto and Lancaster officials who investigated the incident confirmed the two emergency alarm systems had been hacked and set off "intentionally," excluding the possibility of a freak technical accident in the two cities at the same time.

"Based on the widespread impact to the outdoor sirens located in two separate cities, including Lancaster, it has become evident that a person or persons with hostile intent deliberately targeted our combined outdoor warning siren network," Lancaster officials said in a statement.

"Sabotage against a public warning system is more than vandalism. It is a criminal act and those responsible are subject to arrest and prosecution," officials said said.

The two hacked systems were taken offline the next morning, and remained offline ever since.

Major thunderstorm hit the towns a day later

Bad weather, including storms and potential tornadoes, was announced for all last week in the North Texas area. A severe thunderstorm hit the two cities the following night, on March 13.

Thunderstorms are known to produce brief tornadoes, but luck had it that no tornado formed and hit the towns that day.

Tornadoes are frequent in Texas, as the state is located in Tornado Alley, and tornado season, a period of the year between March and May when most tornadoes happen, had officially begun.

Nevertheless, a tornado didn't form on March 13, and, luckily, the sirens weren't needed.

The powerful thunderstorm did hit the two cities hard, and the Dallas area as a whole, knocking down trees, destroying houses, and leaving several neighborhoods without power.

A repeat of the 2017 Dallas incident

This is not the first time that something like this happened in Dallas County.

In April 2017, a hacker exploited a "radio issue" to set off 156 tornado sirens for hours across the city of Dallas in the middle of the night. Dallas city officials answered that hacking event by adding encryption to the radio signal that controlled the city's sirens, preventing any amateur radio enthusiasts to hijack their control signal.

The tornado sirens in DeSoto and Lancaster are not part of the Dallas tornado emergency system, according to this map, hence, they didn't feature the same protection.

In April 2018, security researchers from Bastille published a report about the SirenJack vulnerability affecting a popular emergency alert system. SirenJack could allow hackers to hijack sirens and trigger alarms.

16 gadgets and services for beer nerds

Related cyber-security coverage:

Editorial standards