If you think the Internet of things will be safe from malicious invaders, a team of computer experts at the University of Michigan has a hack for you: traffic lights.
Taking over a city's stoplights has long been an object of aspiration for hackers. Compromised traffic systems have even captured the imagination of Hollywood, playing crucial supporting roles in the 2003 remake of "The Italian Job" and 2007's "Live Free or Die Hard" (the whole movie is worth watching for the traffic-light scene).
Real-life hackers have so far been unable to reproduce the effect. In April, Cesar Cerrudo of Argentina claimed he could hack into a traffic-detection device made by Berkeley, California-based Sensys Networks Inc. It's theoretically possible to affect traffic-light operations by misdirecting such devices, embedded in tarmac throughout the U.S. The effect is indirect and wouldn't cause cars to crash spectacularly. The worst that could happen would be increased congestion. The company stonewalled Cerrudo, and no major disruption has ensued.
The Michigan team got much closer to the jackpot. It wasn't an entirely honest hack, because the team got permission from a road agency operating the traffic-control equipment. The upside is that we can read about the team's work in an academic paper rather than watch the carnage on television.
A modern intersection is a technology hub. There are detection sensors, video cameras, electronically controlled traffic lights. The controllers that take in data from the sensors -- like the one Cerrudo said he hacked -- and operate the lights are usually in those gray metal cabinets by the roadside. Special malfunction-management units rule out conflicting green lights or too-short red signals. An intersection can be autonomous, interact with neighboring systems or transmit information to a central server. Two-thirds of U.S. intersections communicate wirelessly, because laying physical wire between all those cabinets would be prohibitively expensive.
The Michigan road agency's devices were all on the same network using commercially available radios. The protocol they used to communicate was proprietary but similar to the Wi-Fi we use in our homes. The connections were unencrypted, and the devices used factory-default usernames and passwords. Using one of the radios -- which it assumed an able hacker could obtain with a bit of subterfuge -- the Michigan team got onto the network and gained access to the controller. It was able to slow down or speed up light changes, freeze the state of the intersection indefinitely, and even turn the lights green along the route of a hypothetical getaway car. The malfunction-management units prevented it from turning on four conflicting green lights, but the team could send all the lights on the network into blinking-yellow mode, which could only be exited manually by workers at every intersection.
Although the field study was the first of its kind, the problems it unveiled are not new. "Smart" devices made for private or corporate use often are not adequately secured, and engineers who build them into networks are not always security-conscious. When the Michigan team communicated its findings to the equipment producer, the response was that the devices "followed the accepted industry standard and it is that standard which does not include security."
"Until these systems are designed with security as a priority, the security of the entire traffic infrastructure will remain at serious risk," the study concluded. It's about more than just traffic: If you see a connected device and do not know how to secure it, don't buy it, or at least don't trust it with any sensitive tasks.
To contact the writer of this article: Leonid Bershidsky at email@example.com.
To contact the editor responsible for this article: Mark Whitehouse at firstname.lastname@example.org.