Report: Wireless Hacking Suspected In Air Raid Siren Miscues

UPDATE: Residents in two Illinois communities are settling their nerves after civil defense sirens blared for around 30 minutes last Saturday – an incident that authorities say may be the result of hacking. 

UPDATE: Residents in two Illinois communities are settling their nerves after civil defense sirens blared for around 30 minutes last Saturday – an incident that authorities say may be the result of hacking. 

Sirens in the communities of Evanston and Lemont, Illinois, were treated to continuous blasts from the sirens, which typically sound when tornados and other inclement weather is approaching. Three sirens were activated in Evanston, starting at 7:30 pm on June 30, followed by a similar incident in Lemont at 9:15 in which all seven of the community’s tornado sirens began sounding, despite clear weather, according to a report Tuesday in the Chicago Tribune.

The exact cause of the incidents isn’t known. In Lemont, a suburb located about 30 miles southwest of Chicago,the sirens continued sounding despite officials attempts to shut them off, prompting local officials to cut off power to the devices.

In Lemont, law enforcement officials were going on the assumption that someone gained unauthorized access to the system used to manage the warning sirens, Police Chief Kevin Shaughnessy told the Tribune.

Forty miles away in Evanston, north of Chicago, Division Chief of Life Safety Services Dwight Hohl told the Tribune that the sirens can only be triggered by the town’s 911 dispatch center, but that nobody with authority to sound the alarms had done so. However, the town wasn’t speculating on the cause of the sudden sound-off, said Perry Polinski, communications director for the Evanston Police Department. 

“We’re still looking into it,” Polinski told Threatpost. “It’s strange that Lemont experienced the same thing. There’s no evidence that (a hacking incident) happened, but we’re looking into it.” 

In Lemont, the sirens are activated using a radio signal containing a unique code. Police Chief Shaughnessy speculated that someone may have discovered a way to mimic that signal and broadcast it.

Its not known whether Evanston and Lemont use the same sirens, or whether they contract with the same firm to manage them. Polinski declined to provide any details on the town’s civilian alerting hardware or software, or to say whether the town had anything in common with Lemont.

Officials in Lemont said they had contacted the FCC about the incident. Calls and e-mail sent to the FCC were not returned prior to publication of this story.

Polinski said that Evanston had followed suit: contacting the FCC and the FBI to look into the mysterious siren blasts. 

If the incidents are linked to an external hacker, the story would be evidence that civil defense and emergency response systems used in communities may be vulnerable to remote, hard-to-track attacks. However, there is reason to be wary. Reports in November, 2011, about a Russia-based hack of a water pump used by the Curran Gardner Public Water District in Springfield, Illinois, turned out to be inaccurate.

Suggested articles

Discussion

  • Keith Glass on

    This does not sound like a hack, more like someone recorded and then re-broadcast a signal.

    And the fact that it happened in two towns makes it appear that the coded signal may have been a default setting.

    So, the IMMEDIATE fix is, change the settings from the default to a custom one.  Likely a matter of some DIP switches on the control box for the sirens, and the transmitter box.

    The long-term defense is insuring there are two or more additional recievers set to the same frequency, with directional antennas and signal-strength meters.  Next time the perp sets it off (and apparently keeps transmitting. . . ) two teams in prowl cars D/F to his signal and locate the perp. . . .

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.