Caution! Zombies Ahead!
Filed under: Interesting Articles, Wireless Security | Tags: dynamic message signs, intelligent traffic systems, ITS, traffic management, Wireless Security |
This is a great short article posted by the Dallas Morning News earlier this week.
It talks about hackers breaking into a road sign (also referred to as a DMS – dynamic message sign) and changing the content to warn motorists about the end of the world, zombies, etc.
I have worked on several projects for different transportation organizations. What you might not know is that many of these signs have wireless transceivers so the message can be changed remotely (such as from a traffic management center). It is common for intersections to be networked together and tied back to the department of transportation network through wireless devices. Beyond DMS, other applications include traffic signal control, video detection systems (which superseded ground loops and change the signal when there are waiting vehicles), and pan-tilt-zoom cameras.
The hackers in this case physically broke the lock on the road sign before gaining access and changing the message. With the introduction of wireless technology, this could have been done without physical access. Also, while this particular event did not cause any real damage, attacks on similar systems such as those that control the traffic signal timing could have more serious impact.
My basic recommendations for wireless systems attached to transportation systems:
- Conduct a business impact analysis of the specific systems utilizing wireless technology to determine the threats specific to your system and the controls that you are going to institute
- Develop a set of wireless security policies and procedures to address both the business and technical requirements of the organization
- Change default parameters such as admin username/password, SSIDs, and SNMP community strings
- Employ strong encryption and authentication mechanisms
- Review the security posture of your wired infrastructure as it relates to the additional risk imposed by wireless – i.e. do firewall rule sets, ACLs, or IDS signatures need to be modified?
- Conduct regular security assessments / pen tests (and make them part of your annual audit program)