Hacking traffic lights is easy because of security flaws. researchers hacked nearly 100 wirelessly networked traffic lights and were able to change the state of the lights on command.
The hack doesn't target the traffic lights directly but rather sensors embedded in streets that feed data to traffic control systems, says Cesar Cerrudo...
if you want to hack the light into turning green, it might not be as hard as you think. A research team at the University of Michigan found traffic lights in more than 40 states are still running on unencrypted Wi-Fi networks, making them relatively easy to commandeer. Even where networks are encrypted.
The researchers also demonstrated that a bad actor, once infiltrated the network, could perform a wide range of attacks, including:
Denial-of-service (DoS) attack on controlled intersections that could cause a traffic jam.
As explained by the researchers the attackers could set the all lights to red or trigger the MMU to take over by attempting an unsafe configuration, this last case is serious because need a physical intervention of personnel to restore a normal situation.
Traffic Congestion manipulating timings of an intersection relative to its neighbors with repercussion for the entire traffic infrastructure.
Such attacks have a significant financial impact on the community targeted as demonsstrated by numerous studies.
Light control for personal gain, as explained by researchers “lights could be changed to red in coordination with another attack in order to cause traffic congestion and slow emergency vehicle response.”
Hacking the system requires a few specialized tools. Cerrudo purchased an access point from Sensys Networks – at a cost of about $4,000 – which he placed in a backpack or on his car dashboard to intercept data from sensors in Seattle, New York, and Washington, DC. The access point he purchased is compatible with all of the company's street sensors worldwide, and is used with a free Windows-based software that the company makes available on its web site. The software allowed him to view the data in an easy-to-read format on his laptop.
"Without the access point and software, you can sniff the wireless data, but it will be difficult to understand what everything means," he says. "You need the access point to learn how the system works, but after you learn, then you don't need anymore the access point because you can build your own device.
With knowledge of the protocol, an attacker can "watch" the communication between the sensors and access points, which includes configuration information about the sensors themselves and the unique ID for each sensor. An attacker can use this information to target specific sensors.
