Traffic signals around the world are easy targets for computer hackers, a US-based security researcher has warned.
Researcher Cesar Cerrudo says he was able to locate and hack devices used by traffic control systems in the US, with similar systems in use in the UK, France, China and Australia.
Cerrudo says it wasn’t difficult to find vulnerabilities in the system, and while the system does not allow access to individual lights, anyone with a “simple exploit programmed on cheap hardware” could cause traffic chaos.
The hardware enables the user to alter the speed limits shown on variable speed limit signs, change the rate at which cars are allowed to merge onto freeways, and even indirectly affect the timing of traffic lights.
Cerrudo says that, once in action, the attack would be difficult and expensive to detect. He says that over 50,000 of these devices are currently in use worldwide, including on an ‘important Australian freeway’.
Cerrudo claims the system vendor was informed of this security weakness around six months ago by a different organisation, but responded only the system was working as it had been designed.
The operator added that newer versions of its devices were more secure than previous products, but as its devices don’t control traffic signals directly, they don't consider the threat of hacking realistic.
While Cerrudo stops short of revealing the finer details of the hacking process (for obvious reasons), he does promise to reveal more at the ‘Infiltrate 2014’ event in the coming weeks, as teased in the video (top of page).