In 2003 heist film “The Italian Job,” a hacker manipulates traffic lights so that an armored car, containing millions in gold bullion, is strategically positioned for a quite brilliant and intricate theft. After his comrades loot the vehicle, the hacker then continues this manipulation—helping to facilitate the perfect getaway. The traffic light manipulation is flawlessly executed, but could such a thing happen in the real world? Well, (and you probably saw this coming) the answer is “Yes.”
With one notable exception, the Hollywood version of traffic light manipulation seen in “The Italian Job” is shockingly close to a real world example, one that came to light this week. Security researchers have just discovered that with the right equipment and knowhow, hackers can make traffic lights stay red, prolong (and shorten) green lights, or make red lights flash. They can also make electronic signs display the wrong speed limit and manipulate freeway ramp meters to allow cars onto the freeway faster or slower than normal. The exception, however, is quite limiting: hackers must be close to the targeted traffic signal—within a few hundred feet—to manipulate it.
So how is it possible that a hacker can so easily penetrate something as critical and seemingly protected as a traffic signal? Simple: the information transmitted between street sensors (buried under the pavement) and light signals is not encrypted, making it vulnerable to manipulation. This means that the information transmitted is readable, and exploitable, by anyone with the right equipment. This is a vulnerability that has very dangerous potential for anyone on the roads.
It’s one thing when your smart fridge has the potential to be hacked, but now municipal-level devices are suffering from the Internet of Things (IoT) syndrome. This isn’t the first time that the Internet of Things, the concept of connecting every “thing” to each other and to the Internet for better efficiencies and analysis, has suffered from a security issue. Many of these IoT connected devices, from refrigerators to smart televisions, have been found to lack proper security parameters.
So what’s to be done? Well, a lot.
- First, the municipal authorities should work to add digital security to new technologies. (According to the manufacturer, the traffic lights were actually ordered to not have encryption.)
- Second, manufacturers, the security community, and consumers should all work together to champion the standardization of security across IoT devices. This would provide a universal standard of security for all manufacturers to adhere to.
- Third, and finally, is getting everyone educated about digital security and how it applies to smart devices that are becoming all too prevalent in our daily activities. That means knowing how to make good passwords, as well as knowing how to protect yourself and your devices online.
So how can you protect yourself from this larger Internet of Things problem? Well, protecting your data and identity is a good first step. Additionally, staying educated on how to do this as well as sticking to basic security practices, like changing your passwords and installing comprehensive security suites, like McAfee LiveSafe™ service are steps in the right direction. Remember, we all need to do our parts to make the Internet and online a safer place.