Hacking a traffic lights is frighteningly simple

A new study from the University of Michigan reveals just how vulnerable our infrastructure really is

Topics: the daily dot, Traffic Lights, Hacking, technology, University of Michigan, ,

Hacking a traffic lights is frighteningly simple
This article originally appeared on The Daily Dot.

The Daily Dot It has long been a dream of drivers the world over to make traffic lights instantly flip from red to green with the push of a button. A study published this month by computer scientists at the University of Michigan found that not only is hacking traffic signals to do your bidding possible, but it’s actually shockingly easy.

First getting permission from local authorities, the researchers used little more than wireless-enabled laptops to remotely hack into the network controlling the traffic lights in an unnamed Michigan city. ‟Our attacks show that an adversary can control traffic infrastructure to cause disruption, degrade safety, or gain an unfair advantage,” the paper’s authors explained.

When automatic traffic signals were first rolled out in the United States in the late 1800s, they operated mechanically as stand-alone units. However, as time wore on and technology advanced, most traffic signals evolved into computers, often connected to a larger network of other traffic lights through wireless technology and running through a central server. While these advances allow traffic signals to coordinate with each other more efficiently, it also opens those systems up to attack by hackers who no longer need to open up the physical devices in order to change their behavior.

Using computers that could communicate at the same frequency as the traffic signals, the team was able to intercept communications on the network and execute fraudulent commands across the entire system.

The researchers found that the system wasn’t particularly secure. Not only were the wireless communications between the traffic signals and the central server being sent unencrypted, but the passwords on the devices were set to their factory defaults—meaning anyone able to download a copy of the user’s manual off the Internet could crack them by simply turning to the right page.

‟The vulnerabilities we discover in the infrastructure are not a fault of any one device or design choice,” the study noted, ‟but rather show a systemic lack of security consciousness.”



The study posits that hackers could mount a whole range of attacks on traffic light systems. The authors speculate about denial of service attacks that could stop all lights from operating normally; traffic congestion attacks that subtly throw off the timing a light relative to its neighbors as to increase congestion without a high risk of detection; and light control attacks, where someone could ensure he or she only hits green lights wherever they happen to be driving.

The authors added that, even though traffic light systems around the country differ in their specific implementations, they don’t believe that others are necessarily significantly more secure than the one they were able to easily hack into. Vox notes that an estimated 62 percent of traffic lights in the United States are networked in a similar manner.

This study isn’t the first time someone has addressed insecurity of of traffic lights. Earlier this year, an Argentinian security researcher with IoActive presented similar discussion at at cybersecurity conference in Florida showing how someone could build a device for hacking traffic lights for under $100.

Additionally, at least one enterprising hacker has produced a step-by-step guide for building your own specialized controller for hacking traffic lights from the comfort of your own home.

The authors of the University of Michigan study charge that the problem of paying insufficient attention to cybersecurity concerns is endemic across the entire traffic signal industry. They conclude:

A clear example can be seen in the response of the traffic controller vendor to our vulnerability disclosure. It stated that the company, “has followed the accepted industry standard and it is that standard which does not include security.” The industry as a whole needs to understand the importance of security, and the standards it follows should be updated to reflect this. Security must be engineered into these devices from the start rather than bolted on later. Until these systems are designed with security as a priority, the security of the entire traffic infrastructure will remain at serious risk.

More Related Stories

Featured Slide Shows

  • Share on Twitter
  • Share on Facebook
  • 1 of 13
  • Close
  • Fullscreen
  • Thumbnails
    Clare Barboza/Bloomsbury

    Uncommon Apples

    Api Étoile

    Like little stars.

    Clare Barboza/Bloomsbury

    Uncommon Apples

    Calville Blanc

    World's best pie apple. Essential for Tarte Tatin. Has five prominent ribs.

    Clare Barboza/Bloomsbury

    Uncommon Apples

    Chenango Strawberry

    So pretty. So early. So ephemeral. Tastes like strawberry candy (slightly).

    Clare Barboza/Bloomsbury

    Uncommon Apples

    Chestnut Crab

    My personal fave. Ultra-crisp. Graham cracker flavor. Should be famous. Isn't.

    Clare Barboza/Bloomsbury

    Uncommon Apples

    D'Arcy Spice

    High flavored with notes of blood orange and allspice. Very rare.

    Clare Barboza/Bloomsbury

    Uncommon Apples

    Esopus Spitzenberg

    Jefferson's favorite. The best all-purpose American apple.

    Clare Barboza/Bloomsbury

    Uncommon Apples

    Granite Beauty

    New Hampshire's native son has a grizzled appearance and a strangely addictive curry flavor. Very, very rare.

    Clare Barboza/Bloomsbury

    Uncommon Apples

    Hewes Crab

    Makes the best hard cider in America. Soon to be famous.

    Clare Barboza/Bloomsbury

    Uncommon Apples

    Hidden Rose

    Freak seedling found in an Oregon field in the '60s has pink flesh and a fragrant strawberry snap. Makes a killer rose cider.

    Clare Barboza/Bloomsbury

    Uncommon Apples

    Knobbed Russet

    Freak city.

    Clare Barboza/Bloomsbury

    Uncommon Apples

    Newtown Pippin

    Ben Franklin's favorite. Queen Victoria's favorite. Only apple native to NYC.

    Clare Barboza/Bloomsbury

    Uncommon Apples

    Pitmaston Pineapple

    Really does taste like pineapple.

  • Recent Slide Shows

Comments

Loading Comments...