Hacking Traffic Lights is Apparently Really Easy
DEBUG PORT
Now, after gaining access, next was to communicate with one of the controllers in their target network. This was done very easily due to the fact that this system’s the control boxes run VxWorks 5.5, a version which by default gets built from source with a debug port left accessible for testing.
“By sniffing packets sent between the controller and this program, we discovered that communication to the controller is not encrypted, requires no authentication, and is replayable. Using this information, we were then able to reverse engineer parts of the communication structure,” the paper reads.
“Various command packets only differ in the last byte, allowing an attacker to easily determine remaining commands once one has been discovered. We created a program that allows a user to activate any button on the controller and then displays the results to the user. We also created a library of commands which enable scriptable attacks. We tested this code in the field and were able to access the controller remotely.”
This debug port allowed researchers to successfully turned all lights red or alter the timing of neighboring intersections — for example, to make sure someone hit all green lights on a given route.
More worrying part is the ability of a cyber criminal to perform denial-of-service (DoS) attack on controlled intersections by triggering each intersection’s malfunction management unit by attempting invalid configurations, which would put the lights into a failure mode.
SOLUTION TO PROBLEM
At last, the team called for manufacturers and operators to improve the security of traffic infrastructure. It recommended that the traffic-system administrators should not use default usernames and passwords, as well as they should stop broadcasting communications unencrypted for “casual observers and curious teenagers” to see.
“While traffic control systems may be built to fail into a safe state, we have shown that they are not safe from attacks by a determined adversary,” the paper concluded.
Moreover, they also warned that devices like voting machines and even connected cars could suffer similar attacks.