Hacking Traffic Lights

Presented at DEF CON 28 (2020) Virtual, Aug. 6, 2020, 1:30 p.m. (30 minutes)

New systems are connected to the internet every day to make our lives easier or more comfortable. We are starting to see connected traffic and smart traffic lights innovations to improve traffic flow, safety and comfort. With smart systems entering and controlling our physical world, ethical hacking such systems to find possible ways of manipulation becomes even more important to society. In the Netherlands there are some public innovations where traffic light systems are being connected to smartphone apps. We have looked at these innovations to see if these systems could be manipulated and how manipulation could benefit an attacker. Specifically, we found a way in two different platforms, that allows us to successfully fake a continuous flow of bicyclists that turns the cyclist traffic light instantly green or decreases the time to green. More than 10 municipalities in the Netherlands connected a part of their cyclist traffic lights to the affected platforms. It was possible to perform these hacks from any remote location, which allows someone to remotely influence the traffic at scale. The hack results in turning the cyclists lights to green, while other lights on the intersection will turn to red. The regular security systems that make sure lights are not turned green simultaneously stays intact. There are similar projects that turn the car traffic lights green for ambulances or trucks. If an attacker succeeds to exploit these projects with a similar attack, he could remotely influence the car traffic lights directly.

Presenters:

• Rik van Duijn - Hacker & co-founder at Zolder
  Rik is a security researcher with 7+ years of experience as a penetration tester. Nowadays Rik focusses on malware research and defense. His hobbies include cooking, bouldering and long walks on the beach. Rik has presented at SHA2017, (whiskey|fristi)leaks, DefCon BlueTeam Village and Tweakers Security/DEV Meetups. @rikvduijn
• Wesley Neelen - Hacker & co-founder at Zolder
  Wesley has about 7 years' experience in the offensive security area working as a penetration tester. Next to his work assessing the security of infrastructures, he spends time researching trends within IT security and on developing defensive measures. Wesley likes to actively assess the security of home automation, internet of things and 'smart' innovations. One of the vulnerabilities discovered by Wesley, is a remote command execution (RCE) vulnerability in the Fibaro home center appliance. The vulnerability allowed to remotely obtain root access on the Fibaro device whenever the web interface is reachable. Also, he discovered vulnerabilities within a smartwatch cloud that disclosed the location history of about 300.000 of its users. @wesleyneelen

Links:

• https://defcon.org/html/defcon-safemode/dc-safemode-speakers.html#Neelen
• https://infocon.org/cons/DEF CON/DEF CON 28/DEF CON Safe Mode video and slides/DEF CON Safe Mode - Wesley Neelen & Rik van Duijn - Hacking Traffic Lights - Q&A.mp4
• https://infocon.org/cons/DEF CON/DEF CON 28/DEF CON Safe Mode video and slides/DEF CON Safe Mode - Wesley Neelen & Rik van Duijn - Hacking Traffic Lights.mp4
• https://infocon.org/cons/DEF CON/DEF CON 28/DEF CON Safe Mode video and slides/DEF CON Safe Mode - Wesley Neelen & Rik van Duijn - Hacking Traffic Lights.srt (subtitles)
• https://www.youtube.com/watch?v=L9UUD3a7xP4

Similar Presentations:

• Black Hat Asia 2014 / Owning a Building: Exploiting Access Control and Facility Management Systems
• THOTCON 0xA (2019) / Your non-connected car is not as safe as you think...