Below: Gridlock could
have knock-on effects
for a city as part of
a coordinated attack
V2X Cybersecurity |
Cesar Cerrudo, chief technology
officer at IOActive labs and an expert
in cybersecurity, believes that
connected infrastructure opens the
door for hackers to influence the
behaviour of connected vehicles, too.
He says that if a hacker “breaks
into a connected traffic light they can
send that vehicle fake information to
the connected vehicle”.
“When the car receives the
malicious instructions from the
connected infrastructure that has
already been hacked it is unlikely to
question them. Why should it? It has
probably never been attacked before
and as a result will relay wrong basic
safety messages to other vehicles and
roadside infrastructure creating a
domino effect. It only takes one single
component of a system to be hacked
for it to influence the behaviour of an
entire connected floating car
population in a town or city.”
Day of disaster?
The billion-dollar question,
of course, is who would
carry out such an attack and
how it would impact
on a city? Cerrudo, who’s
working with several
leading carmakers on this issue,
believes that a rogue state actor
would be the most likely culprit and
that disabling a city’s traffic lights
“would be part of a wider,
coordinated offensive”.
“If a nation state, skilled in hybrid
warfare, breaches a country’s traffic
lights and variable message systems
it would effectively paralyse its
critical infrastructure. With traffic
lights relaying the wrong messages
to drivers, or to CAVs, there could
be fatalities, too. With mass gridlock
the emergency services would find
it very hard to reach the injured.”
But not everyone agrees with
Cerrudo’s grim prediction. Lauzon
thinks that it would be challenging
“even for state sponsored hackers
to coordinate such an attack”.
To exploit a system’s
vulnerabilities, Lauzon says that
a cyber terrorism cell would firstly
need to know what technology
is being used, who provides it
The UK’s National Cyber
Security Centre estimates
that the average financial
loss to an organisation of
a cyberattack ranges from
around US$55,000 to US$25
million, not to mention the
damage to its reputation. So
what can transport operators
do to protect themselves?
Cesar Cerrudo says that
traffic authorities “are not
doing enough to address
security flaws in their system
architecture”.
It is a view shared by Sam
Lauzon, who says that many
organisations don’t do the
basics so have little chance
of achieving “an isolated and
protected network”.
“It’s not about adopting
more technology, it is about
thinking more proactively and
doing the basics well. That
means carrying out regular
and thorough audits and being
continually vigilant as to who
is on the system. Conducting
routine security checks on
staff is another pre-requisite.
Finally, having a clear and
detailed emergency response
plan is essential, while knowing
how to put it into practice it is
essential, too.”
Get protected
Leading cybersecurity experts have some sage advice on the simple steps
you can take to protect your systems
To successfully bring down an entire
city’s traffic light infrastructure you’d
need to know enough about the system to
write a software update which would disable
every traffic light simultaneously
Sam Lauzon, automotive cybersecurity
software developer, UMTRI
“and then somehow develop the
tools to expose those weaknesses”.
He adds, “Even if they understood
all of the complexities and nuances of
the system, to successfully bring
down an entire city’s traffic light
infrastructure they would need to
know enough about the system to write
a software update which would disable
every traffic light simultaneously.
“Unless they were working
with an insider, however, there
is a high probability that they
would not succeed as only a few
municipalities/cities/counties
use the same software.”
Professor Curran believes
a large Ransomware attack
such as WannaCry 2.0,
which in May 2017 infected
more than 230,000
computers in 150 countries
and cost around USD$4
billion to rectify, is a much
more likely scenario.
“In light of WannaCry,
malware and ransomware
attacks should be a major concern
for those in charge of traffic
management centres because the
primary motivation in 99% of these
attacks is money.
“However, that said, an attack on
a national traffic management centre
might be easier to deal with because
as long as the software which is
charged with dynamically dealing
with lights, priorities and locations
is backed up, technically it would
be easier for a department of
transportation to bring it online
again with only negligible losses.”
PHOTOGRAPHS: TRIALARTINF/CANBEDONE/PHILOGRAPH/KRAS99/ALEX57111/STOCK.ADOBE.COM
040
Traffic Technology International March/April 2020
www.TrafficTechnologyToday.com
/STOCK.ADOBE.COM
/www.TrafficTechnologyToday.com