As per a blog report posted on Multi-State Information Sharing & Analysis Centre, a cyber criminal who appears to be from Saudi Arabia, hacked and compromised eleven electronic road signs aka dynamic message signs in 3 states of the United States of America in three days spanning 30th May to 1st June. The hacker posted messages on the road signs stating the road signs have been hacked. In once case he invited drivers who were driving along the road sign to interact with him through Twitter.
MS-ISAC said that these hacking have been confirmed by The Centre for Internet Security (CIS) a internet watchdog of USA. In a detailed report the MS-ISAC stated that
- Investigators in one state believe the compromise may be in part due to the use of weak Simple Network Management Protocol (SNMP) community strings. Investigators in another state believe the malicious actor (read hacker) used Telnet port 23 and a simple password cracker to gain remote access.
- In one state the malicious actor changed the modem passwords, forcing technicians to restore to factory default settings to regain access.
- The malicious actor targeted Daktronics controllers in at least two of the states.
As per the authorities the hacker appears to be a Saudi Arabian citizen, who is also responsible for a couple of structured query language (SQL) injection (SQLi) compromises of databases in foreign countries over the past several years and has demonstrated an interest in the “Internet of Things” by posting compromises/instructions on compromising light bulbs and car radios, in addition to the road signs. The authorities however dont think that he is affiliated with any know hacktivist or cyber criminal group.
It may be noted that many instances of modifications to electronic road signs have taken place and they are done for ‘Lulz’ or to entertain the drivers. Signs such as “zombies ahead” are most common hacked messages. in mid may a San Francisco Traffic sign was hacked to warn travellers of Godzilla Attack. But if a hacker can do the above hacking with such a ease, it could create a public safety nighmare for authorities. In case the hacker had used the electronic sign to lead the drivers to a hazardous/accident prone road it would have lead to serious issues. Posting signs also cause the drivers to stop and take pictures which can cause a pileup leading to injuries/damages.
CIS has noted that this hacking may be directly co-related to recent release of a video game “Watch Dogs,” in which game play revolves around “hacking,” with a focus on hacking critical infrastructure-based electronic devices in particular. CIS thinks that a small percentage of Watch Dog players may experiment into compromising computers and electronic systems outside of game play, and this activity will likely affect SLTT government systems and Department of Transportation (DOT) systems in particular.