Slashdot Mirror


Researchers Find Easy To Exploit Bugs In Traffic Control Systems

Trailrunner7 (1100399) writes "It has been a running joke in the tech industry for years that the hacking scenes in movies are, well, a joke. Hackers in hoodies pushing a few keys and taking down the power grid or causing massive traffic pileups by turning all the stoplights green at once. While those scenes provide endless entertainment for security folks, it turns out some of those attacks aren't so far-fetched. Cesar Cerrudo, a researcher and CTO at IOActive, decided to take a look at the security of some of the devices that control traffic lights and electronic signs in many cities around the world, and found that not only were the devices vulnerable to a number of attacks, but they could be exploited quite easily and perhaps could be used to spread malware from device to device. Cerrudo said that the vulnerabilities he identified can be exploited from up to a mile or two away with the right equipment."

17 of 50 comments

  1. LAX by JustOK · · Score: 2, Funny

    Yah, and LAX had probs today. Coincidence?

    --
    rewriting history since 2109
    1. Re:LAX by ColdWetDog · · Score: 2, Funny

      Never attribute to malice that which is adequately explained by incompetence.

      --
      Faster! Faster! Faster would be better!
    2. Re:LAX by BronsCon · · Score: 3, Funny

      LAX: It's not just an airport, it's our security model!

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    3. Re:LAX by sexconker · · Score: 2

      Never attribute to malice that which is adequately explained by incompetence.

      Why not? Because you like the sound of that quote?

    4. Re:LAX by beelsebob · · Score: 2

      No, because it turns out that the quote is right most of the time.

  2. Easy peasy by kimvette · · Score: 5, Informative

    Easy but regulated by federal law.

    See:
    http://en.wikipedia.org/wiki/T...
    http://www.themirt.com/
    http://boingboing.net/2006/04/...
    http://www.advancedtraffic.com...

    There are several standards in use - ~10Hz, ~12Hz, and ~15KHz

    --
    The Christian Right is Neither (Christian nor right). See: Matthew 23, Matthew 25, Ezekiel 16:48-50
  3. malice vs. incompetence fight! by turkeydance · · Score: 2

    tonight's referee is ignorance.

  4. Sign story by grub · · Score: 4, Funny

    Back in the mid 80s I ran a BBS (Demented Data Systems). We used to do crap like run scans looking for modems. Anyhow, one of the users found something interesting: an electronic sign on top of a downtown office building here was accessible by modem with no password or anything. Just a banner with the company name, sign location and menu.

    He set up a scroll for sometime late one particular evening saying "CALL DEMENTED DATA SYSTEMS - 555-5555" (insert real phone number). So that evening after many beers, the band of drunken ~18 year old geeks went out to the street corner across the road and watched. Sure enough, after what seemed like ages of waiting, there it was scrolling across the screen.

    So, yeah, in the olden days some crap was pretty easy to play with.

    --
    Trolling is a art,
    1. Re:Sign story by greenwow · · Score: 5, Insightful

      Great story. I really do miss wardialing.

    2. Re:Sign story by grub · · Score: 3, Insightful


      They still have wardialling, it's called nmap. :)

      --
      Trolling is a art,
  5. The issue with movies isn't what gets hacked by DMUTPeregrine · · Score: 3, Insightful

    The issue with movies isn't what gets hacked, it's how fast the hacking happens. The hacker sits down at a computer, types some code for 10 seconds, doesn't compile it, and hacks a system they've never encountered before. There's no months of research to find a vulnerability, no scans of the target to find a known hole, just a bit of quick typing and then havoc ensues.

    Real havoc takes work. It takes hours of looking through the output of a debugger and disassembler, running a fuzzer, etc, etc.

    --
    Not a sentence!
  6. Sneakers movie was good with how stuff really work by Joe_Dragon · · Score: 2

    Sneakers movie was good with how stuff really worked

  7. Re:low impact by pipedwho · · Score: 3, Informative

    It is unlikely that the controller is able to set multiple cross signal lights to green at the same time. I did some work on one of these systems about 20 years ago, and it contained circuitry (and physical switches to set the system) to lock out that kind of thing from happening (due to either a bug in the code, a failed code update, or in this case a hack). I assume newer units would have a small supervisory microcontroller to detect other anomalies, but either way if something went wrong the circuitry forced all light stacks to flash orange.

    This doesn't mean there aren't safety critical systems out there that have been designed by cowboy or non-embedded coders (like the current crop of ATMs that are far slower and unresponsive than previous models and probably have never felt the touch of an embedded systems expert).

    But, it is unlikely that a hack can cause accidents, beyond frustrating motorists by setting the lights red, or forcing one set continuously green.

  8. Re:This just in... by Anonymous Coward · · Score: 2, Insightful

    Yes, and traffic signals are susceptible to failure by bulldozing. There is a difference between brute forcing something in a way that is immediately obvious, and using some subtlety that can put time and distance between the cause and noticed effect. You could knock down a door, or learn various lock picking methods, some of which require very little time and skill, and use a locked door without getting noticed for possibly a long time (unless you do something stupid).

  9. Re:low impact by drinkypoo · · Score: 2

    Most folks pay attention to more than just what the light says

    Lots of people don't pay any attention at all. That's why defensive driving is so important; someone must be paying attention, and assuming the other person isn't.

    --
    "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  10. Jams, yes, all-green-lights, probably not by davidwr · · Score: 3, Insightful

    I can see a hack that messed up the timing of traffic lights to create a traffic jam, but unless things have changed in the last decade or two, traffic lights in my country have "both way green light detectors" safeties.

    If a light detects that it is green and a "conflicting" light is also green, the whole system will reset to a "safe mode" such as a 4-way flashing-red-light.

    So, yeah, I think scenarios where a hacker or evil-computer-that-takes-over-the-city that turns the lights to green-in-all-directions is a bit far-fetched.

    If I'm wrong, either the traffic engineer who didn't order the safeties put in, the installer who put the wrong thing in, or the manufacturer who didn't build the safeties safe enough needs to be called on the carpet.

    --
    Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
  11. Re:low impact by LoyalOpposition · · Score: 3, Informative

    I would be surprised if real traffic light controllers did not have such a safety module.

    They do. I worked for a company in 2005 that designed and manufactured traffic light controllers. We bought a standard module from a different company that just watched for conflicting signals, and switched the intersection to all flashing red if it ever saw one. Of course, it was a micro-computer, not an Electrical Engineering class project, but it wasn't connected to the internet and it didn't have any wireless communications ability, so it couldn't be hacked by anything short of physical presence and hand tools.

    ~Loyal

    --
    I aim to misbehave.
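
Added example, not part of any comment above and not any vendor's code: a minimal sketch of the independent conflict monitor that the comments by pipedwho, davidwr and LoyalOpposition describe. The four-phase layout, the compatibility table, the latching behaviour and all function names are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define N_PHASES 4      /* constructed layout: bit 0=N, 1=S, 2=E, 3=W */
#define PHASE_MASK 0x0Fu

/* Bit j of COMPAT[i] set => phases i and j may show green together.
 * Assumed intersection: N/S share a green, E/W share a green. */
static const uint8_t COMPAT[N_PHASES] = { 0x03, 0x03, 0x0C, 0x0C };

typedef enum { OUT_NORMAL, OUT_FLASH } monitor_out_t;

typedef struct {
    bool    latched;     /* set on first conflict, never cleared by input */
    uint8_t fault_mask;  /* sensed greens at the moment of the fault */
} monitor_t;

/* Feed one sample of the *sensed* lamp outputs (not the controller's
 * commands). Returns what the monitor forces the intersection to do. */
monitor_out_t monitor_sample(monitor_t *m, uint8_t greens)
{
    greens &= PHASE_MASK;
    for (int i = 0; i < N_PHASES && !m->latched; i++) {
        bool on = (greens >> i) & 1u;
        if (on && (greens & (uint8_t)~COMPAT[i] & PHASE_MASK)) {
            m->latched = true;
            m->fault_mask = greens;
        }
    }
    return m->latched ? OUT_FLASH : OUT_NORMAL;
}

/* Hypothetical: only a technician at the cabinet can call this. */
void monitor_manual_reset(monitor_t *m)
{
    m->latched = false;
    m->fault_mask = 0;
}

int main(void)
{
    monitor_t m = {0};
    uint8_t samples[] = { 0x03, 0x0C, 0x0F, 0x03 };  /* constructed */
    for (size_t i = 0; i < sizeof samples; i++)
        printf("greens=0x%02X -> %s\n", (unsigned)samples[i],
               monitor_sample(&m, samples[i]) == OUT_FLASH ? "FLASH" : "normal");
    return 0;
}
```

The monitor has no input through which the controller can clear the latch, so a controller that starts behaving again after a conflict still leaves the intersection in flash mode until someone resets it at the cabinet.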