Seattle (CBS SEATTLE) — Wireless vehicle detection systems installed throughout 40 U.S. cities to control and direct traffic are so poorly secured that hackers can manipulate the sensors to cause disruptions, accidents and congestion for drivers, one professional hacker says.
According to tech security researcher and professional hacker Cesar Cerrudo, street sensors underneath roads at some of America’s largest metropolitan transportation arteries – including Washington D.C., Seattle, San Francisco, New York and nine other cities – lack basic security protections and can be hacked wirelessly to dangerously disrupt daily traffic.
Easy to install and containing a battery life of 10 years, the magnetic street sensors from Sensys Networks VDS240 wireless vehicle detection systems are embedded into the street to automatically convey signals to the traffic lights and controllers directing drivers above ground recently featured in Wired.
Cerrudo has warned government officials that the system could be monitored and manipulated by attackers.
In an advisory report Cerrudo sent to the Department of Homeland Security’s ICS-CERT division in 2013, he writes that the wireless traffic operate “in clear text without any encryption nor security mechanism. Sensor identification information (sensorid), commands, etc. could be observed being transmitted in clear text.”
Cerrudo has compromised the traffic systems in his own field tests in which he altered sensors from city rooftops and even by remote-controlling a drone flying more than 600 feet in the air – although he believes this could be done from as far as one mile away.
He has also intercepted data from city streets in Seattle, New York and Washington, D.C., simply from equipment carried in his backpack or installed on his car dashboard.
“Because of this, wireless communications to and from devices can be monitored and initiated by attackers, allowing them to send arbitrary commands, data and manipulating the devices,” Cerrudo writes, according to Wired. “By performing one or some of the described attacks it could be possible to cause traffic disruptions, accidents, congestion, etc. on cities where these devices are deployed.”
Wired reports that the more than 50,000 Sensys Networks sensors installed across the globe perform a series of highly efficient traffic functions.
“In addition to detecting the presence of traffic at intersections and highway on-ramps, the sensors can be configured to count vehicles, track the movement of vehicles by detecting the same vehicle at different points, or be placed in idle mode to not detect anything at all,” Wired reports.
Sensys Networks’ vice president of engineering, Brian Fuller, told Wired that the DHS was “happy with the system,” adding that he had nothing more to say on the subject.
Cerrudo is the founder and CEO of Argeniss Consulting (acquired by IOActive) and is a professional hacker who specializes in application and mobile device security. According to his profile for the Infiltrate series, he is widely credited with the discovery and elimination of vulnerabilities within Microsoft, Yahoo!, Twitter and Oracle systems.
He is set to present his findings at the upcoming Infiltrate conference in Miami Beach next month.