The Washington PostDemocracy Dies in Darkness

NOAA storm-spotting app was suspended after being overrun with false and hateful reports

The ‘mPING’ application was subject to users ‘spoofing’ their location data

Lightning strikes over Clovis, N.M., on June 4, 2019. (Matthew Cappucci)

The National Weather Service has received scores of false weather reports recently through a popular citizen science application that is supposed to increase meteorologists’ awareness of ongoing severe weather. The application, a cooperative effort between the National Oceanic and Atmospheric Administration (NOAA), the University of Oklahoma and the Cooperative Institute for Mesoscale Meteorological Studies (CIMMS), was temporarily suspended last week after a spate of false reports.

It appears the perpetrators also committed one or more hateful acts in the process.

Last week, Twitter users posted screen shots showing a spattering of false flooding reports throughout New Mexico and Texas’s Big Bend area. They appeared to form the shape of a swastika, a symbol associated with white supremacists.

The National Weather Service is working to revolutionize severe storm warnings

Other false weather reports popped up in Hiroshima and Nagasaki in Japan, Tiananmen Square in China, and Auschwitz in Poland. Auschwitz was the death camp run by Nazi Germany during World War II where more than 1 million people, mainly Jews, were killed.

Meanwhile, the entire state of Alabama was peppered with a minefield of more than 100 fake severe-wind reports, and several unusual and potentially illicit shapes were constructed in the Dakotas and Colorado.

The mPING initiative was implemented in 2012 as a way to crowdsource storm reports from the general public. The mPING app does not require users to pass any sort of background examination in meteorology, but the observations can prove useful in fast-changing, potentially life-threatening severe-weather situations.

“Anyone can submit a weather observation anonymously,” according to the National Weather Service website, producing a map “accessible to everyone.”

Twitter users, including many who work in meteorology, were quick to call the breach “completely insensitive,” “hideous and disgusting,” and “disappointing [but] inevitable.”

On Friday, the CIMMS released a statement addressing the issue.

“On July 7, 2020, mPING was flooded with false weather reports and was shut down temporarily,” wrote Kim Elmore, a lead scientist with the project. “We are working to eliminate vulnerabilities that allowed these false reports to be submitted.”

NOAA believes that the false data was made possible by “spoofing” GPS data — when a perpetrator manually overrides the place where their electronic device believes it is located, said Keli Pirtle, spokeswoman for NOAA’s National Severe Storms Laboratory (NSSL).

The NSSL is part of NOAA’s research arm, rather than being located within the National Weather Service (NWS). It develops products that can be useful to Weather Service forecasters, one of which is mPING, which is technically an experimental program, Pirtle said via email.

The Weather Service has a storm-spotting program, known as Skywarn, as well as the Spotter Network, a volunteer reporting program, open to registered storm spotters and others who have at least rudimentary severe-weather training or background.

Storm spotters are most useful during severe-weather operations, when ground truth is needed to help meteorologists make warning decisions. Doppler radar might see rotation within a storm, for instance, but only someone in the field can determine how close that rotation is to the ground.

According to the NSSL, mPING was rolled out to help the Weather Service develop and refine new radar and forecasting technologies, primarily by soliciting information on precipitation types — such as rain, hail, sleet, snow, ice pellets or freezing rain.

“It’s a crowdsourced data tool,” explained John Wetter, president of the Spotter Network, who is familiar with the differences between the programs. “MPING was invented around the time that dual-polarization was being upgraded to the radar network. It was a way to identify winter precipitation types … basically as a way for citizen scientists to provide data that [the National Severe Storms Laboratory] could use to help [test] the algorithms that were used for dual-pol radar.”

But mPING was subsequently expanded to allow the reporting of myriad weather conditions. And users can submit reports without providing a name, email address or phone number.

That might make it easier for users to submit false reports, but the program’s anonymity may have proved a blessing in disguise. According to NOAA, the recent breach did not compromise user data because it was never collected to begin with.

“Users do not register for mPING and reports are anonymous, so no user data was compromised,” Pirtle said in a statement. “The false reports have been identified and purged and the archive database was not compromised.”

Pirtle said the NSSL is “testing several methods to ensure this does not happen again,” but did not specify when mPING may be up and running once more.

Twitter users expressed frustration at their inability to submit reports in the meantime.

“Special thanks to whatever jerk decided to outline Alabama with false reports earlier this week, because now we can’t report via mPING to assist @NWSNorman while the [Oklahoma City] radar is down,” tweeted Pat Hyland, a research meteorologist.

Others lamented the loss of trust that they had placed in mPING reports. Wetter said he’s concerned that these incidents could undermine the credibility of future reports.

“Fake reports coming into the system always adds that question mark to future reports,” Wetter said. “Any bad data in the system is bad for all of us, because it gives forecasters that extra moment of pause.”

It’s not the first time false mPING reports have come in, but they’re usually relatively easy for a seasoned meteorologist to spot. However, they may cause a problem when a storm strikes a rural area with a small population. That’s when a false wind, hail or tornado report can complicate the warning process.

When asked how false mPING reports affect Weather Service meteorologists, Pirtle said: “We cannot speak for NWS forecasters. All reports compiled from mPING are experimental and utilized to improve experimental radar algorithms and products in development at NSSL. The data are displayed for anyone to view.”

Several Weather Service meteorologists declined to speak on the record about how the false mPING reports have affected them.

The submission of false weather reports, which could affect NWS warning operations, could also be illegal under U.S. law, which states that “whoever knowingly issues or publishes any counterfeit weather forecast or warning of weather conditions falsely representing such forecast or warning to have been issued or published by the Weather Bureau, United States Signal Service, or other branch of the Government service, shall be fined under this title or imprisoned not more than ninety days, or both.”