{
	"id": "0e599834-d63e-4acf-bb97-44c65ad8b710",
	"created_at": "2026-04-06T03:37:35.350096Z",
	"updated_at": "2026-04-10T03:30:32.738646Z",
	"deleted_at": null,
	"sha1_hash": "a8f065323071852b4e53bd0070b926d27ed358bc",
	"title": "Pirate radio: Signal spoof set off Dallas emergency sirens, not network hack",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 31677,
	"plain_text": "Pirate radio: Signal spoof set off Dallas emergency sirens, not\r\nnetwork hack\r\nBy Sean Gallagher\r\nPublished: 2017-04-12 · Archived: 2026-04-06 03:19:37 UTC\r\nBroadnax said that measures had been taken to prevent the incident from happening again, but he would not say\r\nwhat those measures were.\r\nAlert sirens, especially older ones like those used in Dallas, are usually controlled by tone combinations used by\r\nthe Emergency Alert System broadcast over the National Weather Service’s weather radio. Alternatively, they can\r\nalso be controlled by Dual-Tone Multi-Frequency (DTMF) or Audio Frequency Shift Keying (AFSK) encoded\r\ncommands from a dispatcher or command center terminal sent over UHF radio frequencies that were set aside for\r\nemergency agencies’ use by the FCC in 2004 (these are typically in the 700 MHz range).\r\nIf the frequency used by the sirens in Dallas for DTMF or AFSK wasn’t monitored, an attacker could conceivably\r\nbroadcast an endless number of guesses at DTMF or AFSK encoded commands until the sirens were set off—and\r\nthen just play that command signal repeatedly. But it’s possible that someone managed to gain access to\r\ndocumentation for the siren system and knew exactly which commands to send.\r\nSource: https://arstechnica.com/information-technology/2017/04/dallas-siren-hack-used-radio-signals-to-spoof-alarm-says-city-manager/\r\nhttps://arstechnica.com/information-technology/2017/04/dallas-siren-hack-used-radio-signals-to-spoof-alarm-says-city-manager/\r\nPage 1 of 1",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MITRE"
	],
	"references": [
		"https://arstechnica.com/information-technology/2017/04/dallas-siren-hack-used-radio-signals-to-spoof-alarm-says-city-manager/"
	],
	"report_names": [
		"dallas-siren-hack-used-radio-signals-to-spoof-alarm-says-city-manager"
	],
	"threat_actors": [
		{
			"id": "75108fc1-7f6a-450e-b024-10284f3f62bb",
			"created_at": "2024-11-01T02:00:52.756877Z",
			"updated_at": "2026-04-10T02:00:05.273746Z",
			"deleted_at": null,
			"main_name": "Play",
			"aliases": null,
			"source_name": "MITRE:Play",
			"tools": [
				"Nltest",
				"AdFind",
				"PsExec",
				"Wevtutil",
				"Cobalt Strike",
				"Playcrypt",
				"Mimikatz"
			],
			"source_id": "MITRE",
			"reports": null
		}
	],
	"ts_created_at": 1775446655,
	"ts_updated_at": 1775791832,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/a8f065323071852b4e53bd0070b926d27ed358bc.pdf",
		"text": "https://archive.orkl.eu/a8f065323071852b4e53bd0070b926d27ed358bc.txt",
		"img": "https://archive.orkl.eu/a8f065323071852b4e53bd0070b926d27ed358bc.jpg"
	}
}