By Arabian Post Staff
Road sensors, cameras and traffic light systems face the risk of hacking, and the data collected by these devices could be compromised with unforeseen results, endangering the security of both road users and city administrations.
Experts at leading cyber security company Kaspersky Lab have, after extensive field research, proved that the data gathered and processed by these sensors can be dramatically compromised, which can potentially affect future decisions by city authorities on the development of road infrastructure.
Transport infrastructure in a modern megalopolis is a very complicated system that contains different sorts of traffic and road sensors, cameras and even smart traffic light systems. All the information gathered by these devices is delivered to special city authorities and analyzed by them in real time. Decisions about future road construction and transport infrastructure planning can be based on it. If this data is compromised, it can cause millions in losses to the city.
In particular, fraudulent access to the transport infrastructure might result in the following:
- Compromise of the data gathered by road sensors in an attempt to sabotage it or resell it to third parties;
- Modification, falsification and even erasure of critical data;
- Demolition of expensive equipment;
- Sabotage of the work of the city authority’s services.
Recent research by a Kaspersky Lab expert in Moscow was conducted on a network of specific road sensors that gather information about the traffic flow, in particular the quantity of vehicles on the road, their type and average speed, and then transfer it to a command center controlled by city authorities. City traffic authorities receive this information and use it to support and update a real-time road traffic map. The map in turn could then serve as a source of data for the construction of city road systems or even for automated traffic light system controls.
The first security issue discovered by the researcher was the name of the vendor clearly printed on the sensor’s box. This information helped the Kaspersky Lab expert to find more information on the Web about how the device operates, what software it uses, etc. The researcher also discovered that the software used to interact with the sensor and the technical documentation are both available on the vendor’s website. The technical documentation explained very well the list of commands that could be sent to the device by a third party.
Just by walking near the device, the researcher was able to access it via Bluetooth, as no reliable authentication process was implemented: anyone with a Bluetooth-enabled device and software for discovering passwords by trying multiple variants (brute force) could connect to a road sensor.
Using the software and technical documentation, the researcher was able to observe all the data gathered by the device. He was also able to modify the way the device gathers new data: for example, changing the type of vehicles from a car to a truck or changing the average traffic speed. As a result, all newly gathered data were false and not applicable to the needs of the city.
Common measures identified by Kaspersky Lab to prevent such cyberattacks against transport infrastructure devices include:
- Removal of the vendor’s name from the device, as this could help an attacker to find tools for hacking the device on the web;
- Changing default names of the device and disguising the vendor’s MAC addresses if possible;
- Use of two-step authentication on devices with a Bluetooth connection and protecting them with strong passwords;
- Cooperation with security researchers to find and patch vulnerabilities.