Traffic light vulnerability could allow hackers to cause mass blockages, study finds

The big picture: A cybersecurity researcher has revealed a flaw that allows hackers to hijack traffic lights and manipulate light patterns to cause massive traffic jams. This is concerning as reports of hackers targeting public services in the United States and elsewhere are on the rise.

Red Threat’s Andrew Lemon revealed his findings in a pair of blog posts published Last week, he had been investigating potential vulnerabilities in traffic control systems as part of a larger research project. One of the devices that caught his attention was the Intelight X-1 controller.

Despite being part of a critical national infrastructure, the controller was exposed to the internet without authentication. By accessing a specific URL, the researcher was able to bypass authentication and change settings, including disabling web security, without logging in. This vulnerability can give unauthorized parties complete control over traffic light sequences, allowing them to deliberately cause traffic jams by manipulating light patterns.

While Lemon can’t actually turn all the lights green, he said the bug would allow virtually anyone to bypass the lights’ timing. Setting one direction to three minutes and the other to three seconds could easily create a traffic nightmare, he said. TechCrunchAs he puts it, “it’s a denial of service in the physical world.”

Lemon and his team were able to find about 30 vulnerable Intelight boxes, but that’s likely just the tip of the iceberg. He says that when he tried to report the issue to Q-Free (Intelight’s parent company), they responded with “legal threats and everything.”

In a letter, Q-Free’s lawyers argued that viewing the device may have violated anti-hacking laws. They also warned that publishing details of the vulnerability could “encourage infrastructure attacks and generate associated liability for Red Threat.”

In its defense, a Q-Free spokesperson told TechCrunch that the affected Intelight controllers haven’t been manufactured for nearly 10 years. They did, however, admit that some of them may still be in use and encouraged customers to seek advice.

But Intelight isn’t Lemon’s only worrying discovery. His research also uncovered exposed Econolite traffic controllers that could be vulnerable to attacks via a protocol called NTCIP. By exploiting these internet-connected devices, hackers could change the way lights flash or force an entire intersection to flash at once.

Lemon’s findings appear to confirm a worrying trend: Cyber ​​vulnerabilities are infiltrating the infrastructure that controls America’s streets and highways. The findings add to the White House’s warning in March about cyberattacks hitting water and wastewater systems across the country.

A report released this month highlighted that ransomware attacks against critical national infrastructure organizations across 14 countries and 15 sectors are also on the rise, with median ransom payments increasing 41 times in a single year.

Title credits: Jonathan Hernandez

Leave a Comment