This story from the Washington Post talks about an incident in September in which NOAA systems were hacked, resulting in the agency shutting down its systems for a period while claiming that it was “doing ‘unscheduled maintenance’ on its network, without saying a computer hack had made that necessary.” Other stories suggest that the incident resulted in the temporary shutdown of data from NOAA and other sources.
Apparently NOAA did not disclose the hackers attack, as required by law.
This is scary stuff for at least two reasons we can think of:
1) Automated weather alerts depend on NOAA systems. These are the systems that automatically feed IPAWS/WEA alerts as well as the automated weather alerts that come from Hyper-Reach and other systems. So a loss of these systems at the wrong time could jeopardize lives and property;
2) If hackers were able to create false alerts, they might be able to disrupt a community for some nefarious end. A tornado or other shelter-in-place alert could be sent to millions of people, for example, in order to clear the streets.
As more and more alerts are tied to automated systems, it becomes increasingly important that those systems are secure.