Get best of the week

Exceeding speed: risks and vulnerabilities in the field of intelligent transport systems

image

— . , . « » , . , () . Consumer Watchdog, , 11 2001 . , «» , .


According to the Counterpoint research firm , by 2022 the number of smart cars on the roads will increase by 270%, not least due to the development of 5G networks and the interest of equipment and transport manufacturers in ITS - intelligent transport systems that help city administrators and drivers save time and money, as well as improve overall road safety and even reduce CO2 emissions. But what is modern ITS?

As already described in one of Trend Micro 's research , modern ITS includes objects from six different categories:

  • , «» , , wLAN , — , , .
  • , , — , , .
  • , , , — , , .
  • / — RFID-, .
  • — , , , , , , () , , , .
  • : — , , . V2V ( ), V2I ( ), I2I ( ), , , .


The main risks and threats in the field of ITS can be divided into three conditional categories:

image
Fig. 1: Physical, network, and wireless attacks on the ITS circuit. Image: Trend Micro

Physical attacks and risks

Although this type of attack is lower in our estimates, the consequencesPhysical interference with infrastructure can be enormous. ITS facilities are often located on roadsides and highways, which increases vulnerability and allows cybercriminals to interact with sensors, ports and various antennas. Also at risk is the CAN interface (Controller Area Network - a network of controllers), which smart vehicles use to interact with each other. Small-sized road users, such as electric scooters and electric bicycles, which are often used in urban rental services, can become victims of vandalism or carelessness by users, and recent studies show that a cybercriminal can easily turn out to be not an unknown third party, but, for example, an auto mechanicin the workshop serving your car.

Network attacks and risks

image
Fig. 2: Elements of the ITS infrastructure vulnerable to network attacks. Image: Trend Micro

According to Trend Micro, network attacks pose the greatest threat to smart city infrastructure and ITS. They are aimed at disrupting the normal operation of devices and equipment, data leakage and theft of valuable information. In this case, cybercriminals often use malware that can completely paralyze entire sectors of the infrastructure or provide them with access to other unprotected network participants. As a result of this type of attack, valuable resources are spent, revenue is lost, and even property is stolen, including autonomous vehicles.

Wireless attacks and risks

Wireless systems of interaction V2V, V2I and I2I become the basis of ITS, because they provide data exchange between infrastructure participants in real time. Hacking them is quite possible, as has already been proved more than once in practice . Vulnerabilities in the firmware of the vehicle itself and their systems and unencrypted Wi-Fi networks can easily be used to intercept control over cars. Weak passwords, insecure sites and application vulnerabilities can give hackers access to user credentials and allow, say, to start or stop the TS engine remotely. In addition, for hacking cybercriminals can take advantage, for example, of the voice assistant vulnerabilities that are regularly used in smart cars. According to the information Georgia Tech, in order to completely paralyze traffic in Manhattan, including the movement of emergency workers, it is enough to take control of only 20% of smart cars.

Cyber ​​Attack Prevention Tips


Strategies for preventing cyber attacks should become an integral aspect of the development and implementation of ITS, and absolutely everyone should take part in them, from manufacturers of cars and equipment, to drivers, employees of road services and administration, and operators of various monitoring services. Of course, there is no ideal defense against attacks, but the integrated application of our recommendations can help reduce the level of risk and avoid many problems with infrastructure security. Here's what is recommended:

1. Implementation and maintenance of physical protection measures for ITS infrastructure objects.Unauthorized persons should not have access to these objects and the opportunity to interact with them. Moreover, the number of authorized employees and the frequency of their access to the infrastructure should also be strictly regulated in order to avoid abuse and facilitate monitoring of the system. An equally important factor may be the prohibition to bring digital gadgets to these objects, excluding those necessary for their regular maintenance.

2. The use of network segmentation, tracking their status and the use of intrusion detection and blocking systems.The best way to prevent an attack or penetration of malicious software is to stop it proactively using a firewall or antivirus, which will instantly analyze and block an attempt to interact with a suspicious email message, link or script. Also, these measures will allow IT professionals to quickly restrict the access of “infected” infrastructure participants to deeper levels of the network.

3. Conducting a regular audit for vulnerabilities in the network, hardware and software or firmware.All devices connected to the infrastructure must be considered, and their default passwords and factory settings as soon as possible changed to more reliable. Scanning for vulnerabilities will help to quickly identify them and install updated versions of firmware or software, and the use of publicly available tools, for example, Shodan (a search engine for searching for insecure systems with a network connection), will identify security gaps and eliminate them. It is also recommended to introduce multi-factor authentication on all platforms where this option is available, and close all unused ports in devices connected to the network infrastructure using access policies.

findings


The development of ITS provides completely new opportunities for all participants and users, but it also increases the number of attack vectors available to cybercriminals. The introduction of intelligent transport systems and smart transport is changing the role of car manufacturers and various equipment for road infrastructure, forcing them to work not only on the hardware but also on the software part of the product, that is, be responsible for cyber threats. In parallel with this, the role of the driver is changing, which now depends on regular software updates, necessary for the functioning of “smart” elements of the car, and can no longer be considered the sovereign owner of its own vehicle.

Combined with the fact that the pace of developing new technologies is several times faster than testing and implementing security and protection functions for them, in the future we will inevitably face an increase in the number of successful cyber attacks on ITS and smart cars. And this in turn can lead to a drop in the level of user confidence, reputational risks for manufacturers and losses for the administration, which is responsible for urban infrastructure. Therefore, we consider the best methods of protection to be the introduction of effective security measures for the physical elements of the road infrastructure and data transmission networks, the separation of these networks into separate subnets and constant monitoring of traffic, isolation and analysis of suspicious activity, regular audits and raising the level of awareness of the personnel serving the infrastructure.Integrated systems require an integrated approach to ensuring their protection, especially when it comes to the well-being and safety of people.

More articles:


All Articles