How a poor user interface design caused the Hawaii missile scare

A poorly-designed user interface was reportedly behind the false alarm regarding an incoming missile that sent Hawaiian residents into a panic over the weekend.

People in the US state received a notification on their smartphones on Saturday warning of an imminent ballistic missile strike, advising them to "seek immediate shelter" and that "this is not a drill". Fortunately, it was.

Meet the bonkers interface the iPhone almost used Surviving human error

The alert was supposed to have been an internal test of the Hawaii Emergency Management Agency's (HEMA's) missile alert system, conducted semi-regularly since tensions between the US and North Korea began escalating last year. According to The Washington Post, an employee mistakenly selected the wrong option from a drop-down list, issuing a genuine missile alert to the public instead of a dummy alert to HEMA staff.

The two options were labelled almost identically ('test missile alert' and 'missile alert') and placed one after another, while the only safeguard to prevent accidental alert launches was a single confirmation prompt.

The incident has drawn criticism from some experts, who say that such an important system should not be so open to human error.

"Even though the menu option still required confirmation that the user really wanted to send an alert, that wasn't enough, on this occasion, to prevent the worker from robotically clicking onwards," explained security expert Graham Cluley.

"There was an 'are you sure?' message, but the user clicked it anyway. Clearly the 'are you sure?' last-chance-saloon wasn't worded carefully enough, or didn't stand out sufficiently from the regular working of the interface, to make the worker think twice."

Federal Communications Commission chairman Ajit Pai also slammed the error, calling it "absolutely unacceptable". "Based on the information we have collected so far, it appears that the government of Hawaii did not have reasonable safeguards or process controls in place to prevent the transmission of a false alert," he said in a statement.

Compounding the problem was the fact that it took more than half an hour for HEMA to send out a follow-up message after the first alert to reassure people that it was an error. Sending the retraction required an elevated level of permissions, and had to go through the Federal Emergency Management Agency (FEMA) for approval.

HEMA said it has now modified the system, requiring all genuine alerts to be confirmed by a second person before they are issued, as well as adding a cancellation button allowing citizens to be immediately notified in the event of another false alarm.

Picture credit: Shutterstock

Adam Shepherd has been a technology journalist since 2015, covering everything from cloud storage and security, to smartphones and servers. Over the course of his career, he’s seen the spread of 5G, the growing ubiquity of wireless devices, and the start of the connected revolution. He’s also been to more trade shows and technology conferences than he cares to count.

Adam is an avid follower of the latest hardware innovations, and he is never happier than when tinkering with complex network configurations, or exploring a new Linux distro. He was also previously a co-host on the ITPro Podcast, where he was often found ranting about his love of strange gadgets, his disdain for Windows Mobile, and everything in between.

You can find Adam tweeting about enterprise technology (or more often bad jokes) @AdamShepherUK.