The hacker who set all 156 of Dallas’ emergency sirens roaring Friday night didn’t do it by breaching a computer system — they did it entirely by radio.
A city official says that Dallas’ sirens are controlled by radios, not computers and software, and that it was a vulnerability in the radio system that allowed the attack to happen, according to the Dallas Observer.
Warning sirens often rely on radio transmissions for activation, sometimes listening for signals similar to a phone’s dial tone. Dallas’ system wasn’t using encrypted signals, according to the Associated Press, which seems to have allowed a malicious party to discover the activation code and send it out to every siren in the city.
Dallas’ city manager, T.C. Broadnax, declined to elaborate further how the attack worked, saying, “I don't want someone to understand how it was done so that they could try to do it again,” according to the Observer.
But that might not matter at this point. Broadnax also said the city made “security and technological improvements” over the weekend that should prevent similar attacks going forward. That largely seems to mean adding encryption.