Hackers in Dallas Trigger 156 Emergency Alarms 15 Times

Ray Walsh

Ray Walsh

April 10, 2017

On Friday, a hacker penetrated Dallas emergency systems, repetitively triggering alarms all over the city. The attack in the famous Texas city lasted just under two hours, from 23:40 until about 01:20, waking up concerned people all over the city. The cyberattack has been described by the Mayor of Dallas as proof that the aging infrastructure of the city’s emergency systems needs to be updated.

The attack affected all 156 of the city’s emergency sirens, which went off in a coordinated manner during the night. The timing of the attack left many people concerned, causing them to inundate 911 with puzzled calls. It is believed that the alarms went off 15 times in total during the two-hour period, ringing for about 90 seconds each time.

News has also emerged that some 4,400 calls to the emergency services were made during the hours of the attack. That is more than double the average number of nightly calls.According to Sana Syed, a spokesperson for the city council, people were hugely concerned about the repeated sounding of the city’s emergency sirens.

The city council usually only uses the alarms to warn of an incoming weather emergency. However, the public is also aware that the alarms are available for use if there is another threat to the city.

Concerned Citizens

Due to reports of the US’ decision to attack Syria with around 60 Tomahawks, people feared that war had broken out. “I can understand the concern,” Syed said, in reference to people’s worries that the alarms might have been triggered because of “a bomb or something, an incoming missile.”

Social media was also abuzz with people in the city wondering what the hell was going on. According to the emergency services, the average response time for incoming emergency calls went up to around six minutes during the time that the emergency hotlines were suddenly flooded.

So far, Dallas emergency services have refused to share too many details about the attack. However, it is known that the authorities believe the perpetrator was local. This is what Syed had to say:

“We do believe it came from the Dallas area because of the proximity to our signal you need to have in order to pull it off.”

The Hunt Begins

So far, it is not clear what Syed meant by that comment, or how they believe the hacker penetrated the city’s alarms. The Mayor of Dallas Mike Rawlings has referred to the attacks as “an attack on our emergency notification system.” He has promised that the city will use all of its available resources to catch whoever it was that carried out the attack.

According to Rocky Vaz, director of the city’s Office of Emergency Management, at first emergency services employees were just as confused as everybody else, wondering whether the alarms were going off for a legitimate reason. It took technicians a little while to find out exactly why the alarms were going off, Vaz explained.

In addition, Syed commented that once assurances had been issued that no emergency was underway, the alarms were not easy to stop:

“Every time we thought we had turned it off, the sirens would sound again, because whoever was hacking us was continuously hacking us.”

Origin Unknown

The emergency management director has also confirmed that the attack appears to have come from an external source, commenting that they have, “a good deal of confidence that this was someone outside our system.”

The worry, then, is that it is a little too early to say that this was a local attack (as Syed claimed in an interview). After all, if this turns out to be an international hacker messing with US infrastructure, the story could turn out to be much bigger than first thought.

Emergency Shutdown

It would appear that whoever was in the system had full, ongoing control of the alarms, and the ability to re-trigger them again and again. In the end, the only way to shut down the alarms was to deactivate the entire system. This is what Vaz had to say:

“We shut it down as quickly as we could, taking into consideration all the precautions and protocols we had to take to make sure we were not compromising our 156-siren system.”

On Saturday night, nearly 24 hours later, however, the alarm system was still completely shut down, to avoid allowing the hacker to have another go at sounding the alarms. Officials on Saturday night said they were hoping to have the system up and running as usual by the end of the weekend.

Mr Vaz, the director of emergency responses, has also suggested that whatever happened was highly unusual:

“Talking to all the experts in the siren industry, in the field. This is a very rare event.”

He also revealed that the Federal Communications Commission (FCC) had been contacted and was aiding both the attempt to pinpoint the origins of the attack, and the effort to stop the hacker from setting the alarms off again. It is not yet known if the Federal Bureau of Investigation (FBI) is also involved in trying to catch the hacker.

Black Hat or White Hat?

For now, it is unknown whether the Dallas authorities have succeeded in getting the system up and running again. Neither is it known if the police have become involved in the search to find the hacker. However, with such a large attack on infrastructure, it seems highly likely that the police will be involved.

One can only hope that this was a case involving a white hat hacker, who wanted to noisily alert local authorities to a hole in the system. In addition, one can’t help wondering how many more cities around the US might have a similar vulnerability in their alarm systems. Only time will tell, but as the Dallas Mayor rightly said, whoever the attacker was has made it pretty clear that Dallas security infrastructure is in dire need of an overhaul.

Title image credit: sevenMaps7/

Image credit: Pretty Vectors/

Image credit: 3DDock/

Image credit: Maksim Kabakou/

Image credit: MatiasDelCarmine/

Exclusive Offer
Get NordVPN for only
Get NordVPN for only