Its the Italian Job all over again, as a researcher claims that modern traffic lights are vulnerable to hack
Researchers claim they can take control of traffic light systems, which could either allow them to re-enact the classic 1969 heist movie, The Italian Job, or else cause chaos and death.
In the movie version of the idea, the traffic lights of an Italian city were altered to allow the crooks’ mini cars to escape from the police. In real life, researchers say they can seize more than 100 intersection of a city through wireless signals, because of inherent vulnerabilities.
A research team at the University of Michigan has published a paper in which they describe how they gained control of an entire system controlling traffic lights at almost 100 intersections in an unnamed Michigan city. Because of “systemic failures by the designers”, it took nothing more than a laptop and the right type of radio operating on the ISM band at either 5.8 GHz or 900 Mhz.
The researchers describe how traffic lights used to be standalone hardware, each running on fixed timing schedules, but they have now evolved into more complex, networked systems that use multiple timing plans, and integrate with sensor data and communicate with other intersections in order to better coordinate traffic.
This communication is usually done via wireless networking technologies, in order to save costs, or where the coverage area is large – geographically speaking. And the researchers pointed out that these network SSIDs are “visible from standard laptops and smartphones but cannot be connected to”, unless you have the right kit of course.
The researchers said that their experiments revealed several vulnerabilities in both the wireless network and the traffic light controller.
“With coordination from the road agency, we successfully demonstrate several attacks against the deployment and are able to change the state of traffic lights on command,” said the researchers in their paper. “The vulnerabilities we discover in the infrastructure are not a fault of any one device or design choice, but rather show a systemic lack of security consciousness. We use the lessons learned from this system to provide recommendations for both transportation departments and designers of future embedded systems.”
The researchers concluded that traffic control systems are not safe from attacks by a determined adversary.
Attackers could, they argue, with the appropriate hardware, execute a denial of service attack to cripple the flow of traffic in a city; cause congestion at intersections by modifying light timings; or even – as in The Italian Job – take control of the lights and give the attacker clear passage through intersections.
This is not the first time that there have been warnings about the security of traffic lights, and traffic management systems in general.
In May this year, security researcher, IOActive’s Cesar Cerrudo, warned that there were potentially serious vulnerabilities in systems managing traffic across various nations, including the UK.
He warned that as many as 50,000 devices are vulnerable, and he identified Sensys Networks VDS240 wireless vehicle detection systems, which are used for monitoring traffic flow and relaying the information to systems that affect traffic lights, as having the vulnerability.
“The vulnerabilities I found allow anyone to take complete control of the devices and send fake data to traffic control systems. Basically anyone could cause a traffic mess by launching an attack with a simple exploit programmed on cheap hardware ($100 or less),” Cerrudo explained at the time.
“I even tested the attack launched from a drone flying at over 650 feet, and it worked! Theoretically, an attack could be launched from up to 1 or 2 miles away with a better drone and hardware equipment, I just used a common, commercially available drone and cheap hardware.