City officials don't know who triggered Dallas' outdoor warning sirens late Friday, but they do know how it was done — by broadcasting a few tones, via either radio or telephone signal.
In other words, there was no computer hack.
"It's a radio system, not a computer issue," Dallas City Manager T.C. Broadnax said Monday morning.
The city's outdoor warning sirens had to be manually shut down and turned back on late Sunday, with "immediate fixes" intended to prevent the type of hacking that woke up — and shook up — the entire city Friday night, according to Broadnax.
"As we brought the system back up, some encryption was added as part of our process to prevent this type of error from occurring going forward," he said.
But the fix could be short-term as city officials investigate replacing the system that triggers the sirens.
Dallas' emergency warning sirens, like many across the country, are radio-controlled and activated via encoded pagers that send tones to receivers attached to each siren. In Dallas' case, it appears that someone gained access to those pagers and transmitted the tones that turned on all 156 sirens across the city, Broadnax said.
Broadnax said he was "leery about [sharing] how these systems work," confirming only that "it's a tonal-type system."
A similar hack occurred in Lemont, Illinois, in 2012, when an unauthorized signal triggered the that town's radio-controlled sirens. Officials there employed a similar fix, encrypting the signal.
On Saturday city officials said they believed the hack originated locally. Broadnax said the Dallas Police Department is leading the investigation, but that the FBI and Federal Communications Commission have been brought in to assist.
"We are not sure what specifically the FCC is going to do and can do in terms of their resources in how they addresses this case," he said. "But we are working with the FBI to see if we can find the individuals who committed this crime, and as the mayor indicated, to make every effort to prosecute them to the fullest extent of the law."
FBI officials said Monday they cannot confirm or deny their involvement in the investigation. A FCC spokesperson said information, if available, will be provided later.
Broadnax confirmed that no computer hacking was involved in Friday night's incident. He said a more extensive overhaul of the outdoor warning system could be in the city's future. But it won't be inexpensive or immediate, he said. Updates will be provided to the Dallas City Council, in public and behind closed doors, in coming days.
Well, ya finally woke up the kid in a panic. pic.twitter.com/bN0WA9i84w
— Robert Wilonsky (@RobertWilonsky) April 8, 2017
For now, he said, "we have resolved access and the ability for others to do what they had done that caused the incident this weekend." Sooner than later, he added, his office will determine "whatever is the best system is out there and make recommendations to council."
Council member Jennifer Gates said Saturday that City Auditor Craig Kinton had recently suggested looking at how vulnerable the city is to outside interference. Broadnax said Monday it's possible, if not likely, the city will hire an outside consultant to review all of the city's security measures, from the Water Department to 911.
"I am looking forward to advancing a council discussion about looking at other systems," he said, "and ensuring they are not accessible to hacks or other outside malicious behavior."
Friday night's incident also alerted city officials to another problem: its inability to tell residents when they shouldn't panic. The sirens began blaring around 11:40 p.m. Friday, and it took the city more than an hour to issue a statement, which it did via social media. Initially, the city said it believed a "malfunction" triggered the sirens.
Some 4,400 calls poured into the city's already understaffed 911 call center, resulting in significant delays.
Broadnax, who began as city manager Feb. 1, said the incident made it clear the city needs "more comprehesive protocols" when dealing with these types of situations.
That includes "touching base with our own city council as they get phone calls," he said. "That was apparent. We're going to have to work on that, along with how we share with the media all forms of communication."
Federal data shows a marked uptick in crimes attempted committed against critical infrastructure, from traffic signals to, even, a small dam in upstate New York. On Monday, U.S. Rep. John Ratcliffe, the North Texan who chairs the House's Cybersecurity and Infrastructure Protection Subcommittee, said cybersecurity issues are a top priority.
"The recent hacking attack in Dallas demonstrated the disruption that can be caused by those seeking to interfere with our way of life," he said. "It's one of the reasons I held a Homeland Security hearing in North Texas to examine cyber preparedness and response at the local level, and why I'm committed to continuing this engagement going forward."