Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

How a hacker could cause chaos on city streets

Antone Gonsalves | Sept. 1, 2014
University researchers found that controlling traffic lights in a Michigan town did not require much more than a radio transmitter and a laptop.

Traffic is chaotic enough in major cities, but imagine how much worse it would be if a criminal hacker got control of the traffic lights.

That Hollywood scenario is what researchers at the University of Michigan proved could happen given the security flaws in today's traffic infrastructure.

In a paper released this month, the researchers described how they were able to commandeer roughly 100 lights in an unnamed Michigan town. The study was done in cooperation with local authorities.

"Our attacks show that an adversary can control traffic infrastructure to cause disruption, degrade safety, or gain an unfair advantage," the research said.

As hacking goes, the task of breaking into the traffic system wasn't difficult.

The first step is to buy the same radio found in a separate box or on one of the traffic lights on an intersection. Oftentimes, the manufacturer's name is on an external label at the radio's location.

The radio receives instructions from a city control room and passes it on to a controller that operates the lights. Each intersection has a radio and controller and all the radios are capable of passing instructions to each other.

For example, if traffic control officials want to time green lights on a particular road to keep traffic flowing during certain times of the day, they can do that by sending the instructions to one radio, which will pass them along to the others on the street.

Like many cities, the one where the research took place communicated with traffic lights wirelessly. By purchasing the same radio used by the city, the researchers were sure to use the same communications protocol.

In this case, it was NTCIP 1202, which is often used for radio to controller communications.

Manufacturers of traffic-light radios are suppose to sell these products only to governments, but "there's been a lot of literature on how easy it is to social engineer these people into selling you a radio," Branden Ghena, a doctorate student and co-author of the report, said.

Once the researchers had the radio and plugged it into a laptop, controlling the traffic lights was easy, because getting on the network did not require a password and the communications between radios and controllers were unencrypted.

The researchers blame the latter problem on the standards body that sets the NTCIP, which stands for the National Transportation Communications for Intelligent Transportation System (ITS) Protocol.

The NTCIP is a joint standard set by the National Electronics Manufacturers Association (NEMA), the American Association of State Highway and Transportation Officials (AASHTO), and the Institute of Transportation Engineers (ITE).

"The standards that define how you communicate with the traffic controller really don't go the distance in providing the security and access controls for these systems," Ghena said.

 

1  2  Next Page 

Sign up for CIO Asia eNewsletters.