Cybersecurity and ITS: What threats are we facing and how do we prevent them?

Imagine the chaos if all of the traffic signals in metropolitan cities like Paris, Vienna, Berlin, Barcelona or London all switched to red at the same time because it got hacked. What if autonomous vehicles got manipulated, received wrong in-vehicle information, violated traffic regulations or got hijacked? It puts both the cities safety and economy at risk. We have seen an increase of successful attacks dedicated towards ITS industry during the last couple of years and an increasing demand on cybersecurity to bridge the gap and to prepare us for an IoT (Internet of things) world.

As a part of the Smart City vision, connectivity is becoming more common and it is crucial to improve cybersecurity to prevent attacks. A city is becoming a data hub and all devices and processes are digitalized and yet, most ITS applications are protected by a single password where a Brute Force attack (trying every possible password in an organized way) can jeopardize the whole city’s safety. SWARCO is continuously securing its hardware and software to make sure your city stays in control and can prevent such attacks.

We will take a look at some well-known attacks and how to prevent them:

“I can hack it, so I hack it as a joke” the reason behind cyber-attacks of ITS

In 2017, in Dallas, USA a man hacked a VMS sign, changing the message from speed reduction because of ongoing roadwork to “Drive Like Crazy”1. The hacker said he did it because “he could” and “as a joke”. It might seem like an innocent attack but this could have cost a roadworkers life. In 2018, in Oslo, Norway, a 14-year old hacker made a video showing how easy it is to hack traffic signals using just a short-range communication tool and a laptop2. The test in Oslo wasn’t an attempt of an attack, it was rather an attempt to highlight the importance of Cybersecurity to the authorities and suppliers. The exact same topic is also stated in article.

A more aggressive, yet a common attack occurred in 2017 where Public Transport operators in Europe suffered from ransomware, a malicious software that encrypts intellectual property of a company and demanded money in exchange for a key to decrypt the data and allow them to resume a normal workflow. The ransomware message appeared on public transport screens stating the conditions for the public to see. No damage to citizens or travels were made, although we might wonder what damage it made towards the operator’s brand image and trust from the citizens.
More attacks have taken place around the world. These are just a few examples of how easy and accessible it is, and the reason why SWARCO has been taking clear actions towards functional security.

It’s not a joke and we can’t let it get hacked

A traffic light controllers (TLCs)  lifespan of ~25 years means they are considered as ancient in the digital world we’re living in. The unchanged passwords, password leaks, lack of updates and lack of modern Traffic Management Systems (TMS) is the reason why there have been and will be successful attacks against the ITS Industry.  To ensure the cybersecurity within ITS we need to advance security both on the hardware and the software side, which SWARCO is actively working on to stay ahead.

The term “Cybersecurity” summarizes countermeasures on different layers of communication and data processing. It covers application-, network-, information- and operation security as well as describing customized processes for disaster recovery and business continuity. In every layer there are four crucial key concepts to cybersecurity and therefore also in the ITS industry:

1.    Confidentiality
The data sent between TLC and TMS applications (data in transit) and stored within the TMS application (data at rest) are not accessible by a third party to manipulate or eavesdrop.
2.    Integrity
Maintain consistency and trustworthiness of data. Data can’t be modified or misused by an unauthorized party.
3.    Availability
Resources can be accessed and information can be retrieved when a user or a process needs them to provide a service.
4.    Authenticity
The property that a communication partner is actually who he claims to be is called authenticity. Authentic information ensures that it was created by the specified source. The term is used not only when the identity of persons is checked, but also for IT components or applications.

SWARCO integrates these key concepts into its design and has implemented countermeasures to protect your assets, the lives of citizens and you as the customer. Digital certificates are used to validate the integrity of data traffic, our systems are monitored 24/7, Transport Layer Security is used for the encryption of data in transit. Our employees and customers use multifactor authentication as a second line of defence against password guessing. These examples are just a tip of an iceberg and SWARCO's new mobility management platform MyCity (Developed by SWARCO Solution Center GmbH, a ISO/IEC27001 certified company) has a dedicated team that constantly works to improve the cybersecurity of our solution. Reoccuring penetration test and security assessment allow us to build up a solution that sets new standards in the ITS world.