Dallas residents were wide awake and in a state of confusion late Friday night when the city’s outdoor emergency system was hacked, causing all of its 156 alarms to blast for an hour-and-a-half until almost 1:30 a.m.
With some interpreting the warning as a bomb or missile, a number of residents dialed 9-1-1, but the number of calls—4,400 in all—overwhelmed the system, causing some callers to wait for up to six minutes for a response, the New York Times reported.
The alarms blasted for 90-second durations about 15 times, Rocky Vaz, the director of the city’s Office of Emergency Management, told reporters at a news conference.
Mr. Vaz said emergency workers and technicians had to first figure out whether the sirens had been activated because of an actual emergency. And turning off the sirens also proved difficult, eventually prompting officials to shut down the entire system.
“Every time we thought we had turned it off, the sirens would sound again, because whoever was hacking us was continuously hacking us,” Sana Syed, a spokeswoman for the city told the Times.
Eventually the alarms were turned off, which had to be done manually, one alarm at a time.
On Saturday afternoon the system, used for hurricanes and other warnings, was still down, but officials said they hoped to have it functioning soon. They also said they had pinpointed the origin of the security breach after ruling out that the alarms had come from their control system or from remote access.
Mr. Vaz said that Dallas had reached out to the Federal Communications Commission for help and was taking steps to prevent hackers from setting off the system again, but that city officials had not communicated with federal law enforcement authorities.
Security officials have warned about the risks that such hacking attacks pose to infrastructure, which is often aging and in disrepair. Federal data shows that the number of attacks on critical infrastructure appears to have risen: to nearly 300 in 2015 from just under 200 in 2012. Attacks include a 2008 oil pipeline explosion in Turkey; a 2015 hacking of Ukraine’s power grid, leaving 200,000 people in Western Ukraine without electricity for several hours; and in 2013, hackers tried to gain control of a small dam in upstate New York. Seven computer specialists, who worked for Iran’s Islamic Revolutionary Guards Corps., were indicted for trying to take over controls of the dam, according to the Times.