The advent of Intelligent Transportation Systems (ITSs) is the result of technology becoming more connected to the internet. More importantly, these systems remain a life-changing innovation that seeks to improve the mobility of people and goods and maintain road safety while working to reduce traffic congestion and vehicular accidents. In this ever-connected world, the ITS infrastructure relies on integrated information systems that are embedded in vehicles, roadway reporting, traffic flow control, payment, management, and communications to allow for efficient monitoring of road conditions.
ITS components and potential threats
Because of the highly visible and heavily integrated network of an ITS, the effects of cyberattacks on its components could be high-impact and widespread. Researchers from Trend Micro took a deep dive into possible ITS attack vectors, their most likely perpetrators, goals, and the damages that these attacks could leave on properties and lives. According to their study, these are the different ITS components and the potential threats to them:
- Vehicles. Connected cars utilizing the transportation network for navigation are vulnerable to the following:
- Spoofed vehicle-to-vehicle (V2V) or vehicle-to-infrastructure (V2I) messaging
- Malicious firmware uploaded via over-the-air (OTA) service upgrades
- Safety systems or operations disruption via electronic jamming of wireless transmissions
- Remotely hijacked vehicle controls
- Installation of malicious third-party apps in a car’s infotainment system via wireless communications
- Roadway reporting systems. These systems, which are used to monitor traffic and current roadway conditions, face threats such as:
- Disruption of safety and operations systems through electronic jamming of wireless transmissions
- Tampering to install malware, illegally modify devices, and steal data
- Exposure of devices to the internet and system disruption by distributed denial-of-service (DDoS) attacks
- System compromise leading to the system being used as an entry point to a corporate network
- Improper commands sent to a controller and back-end servers via unauthorized access
- Traffic flow controls. These direct and divert traffic to maintain road safety. In the process, however, they might face the following:
- Improper commands sent to a controller and back-end servers via unauthorized access
- Exposure of devices to the internet and system disruption by DDoS attacks
- Tampering to install malware, illegally modify devices, and steal data
- Disruption of safety and operations systems through electronic jamming of wireless transmissions
- Vulnerabilities in hardware, software, operating systems, or protocols for malicious intent
- Payment applications and systems. Payment systems are a popular target among hackers, and systems for road usage, parking, or congestion are no exception, as they could face threats such as:
- Installation of malware to disrupt operations or steal data
- Brute-forcing or abuse of weak authentication mechanism for unauthorized access
- Exposure of devices to the internet and system disruption by DDoS attacks
- Vulnerabilities in hardware, software, operating systems, or protocols for malicious intent
- Improper commands sent to a controller and back-end servers via unauthorized access
- Management applications and systems. These systems monitor and manage the interconnected components of ITSs and could become vulnerable to the same threats that payment applications and systems face.
- Communication applications and systems. These manage the flow and distribution of data gathered by various ITSs. Like the aforementioned components, these systems could face certain threats or attacks:
- Social engineering attacks targeting system operators
- Installation of malware to disrupt operations or steal data
- Improper commands sent to a controller and back-end servers via unauthorized access
- System compromise leading to its use as an entry point into a corporate network
- Spoofed vehicle-to-vehicle (V2V) or vehicle-to-infrastructure(V2I) messaging
Protecting the ITS ecosystem
To keep the ITS ecosystem safe, it is best to rely on effective alert, containment, and mitigation processes. Having a proactive defense system, assuming compromise, and taking the following countermeasures are also recommended:
- Identify and respond to ongoing security breaches as soon as possible.
- Contain any instances of security breach and stop the loss of sensitive data.
- Secure all exploitable avenues to prevent any attacks.
- Apply lessons learned from previous incidents to fortify defenses and prevent repeat incidents.
Trend Micro’s paper titled “Cyberattacks Against Intelligent Transportation Systems: Assessing Future Threats to ITS” gives a detailed exposition of this topic. To read more about ITS and the connected world, visit our resource center.