View Cyberattacks Against Intelligent Transportation Systems
As technology continues to become more and more connected to the internet, the infrastructures that our daily lives rely upon also follow suit. One manifestation of this are Intelligent Transportation Systems (ITS), the application of advanced and emerging technologies in transportation to save lives, time, money, and the environment. From autonomous vehicles to Smart Roads, ITS makes it realistic to imagine fully integrated and connected traffic systems in the future.
However, all internet-enabled technologies are open to the threat of cyberattacks, which could cause commerce disruption and revenue loss and also pose significant safety risks. This scenario is especially true when it comes to ITS. The already demonstrated and proven possibility of ITS being attacked is the main premise of our latest research paper, “Cyberattacks Against Intelligent Transportation Systems: Assessing Future Threats to ITS.” In it we discuss in detail the threats that ITS-integrated traffic infrastructure will face down the line, from attacks that deny the flow of data and information to actual disruption of functions and services. The paper also offers our recommendations, both short term and long term, on what needs to be done to secure an ITS against those very threats.
In the map below, we show a full-fledged Intelligent Transportation System. Click on the icons to see the different components as well as the potential threats that can target them.
Vehicles
Utilize the transportation network in order to navigate to their destination.
Potential Threats/Attacks
Vehicle-to-vehicle/vehicle-to-infrastructure messages spoofed or faked
Malicious firmware uploaded and installed via over-the-air service upgrades
Safety systems or operations disrupted through the electronic jamming of wireless transmissions
Vehicle controls remotely hijacked
Malicious third-party apps installed in the car’s infotainment system through wireless communication
Roadway Reporting Systems
Monitor traffic and current roadway conditions.
Potential Threats/Attacks
Safety systems or operations disrupted through the electronic jamming of wireless transmissions
System tampered with to install malware, illegally modify devices, or steal data
Internet-exposed devices and systems disrupted by DDoS
System compromised and used as an entry point into a corporate network
Improper commands sent to the controller and backend servers through unauthorized access
Traffic Flow Controls
Direct and divert the flow of traffic; make roads safer.
Potential Threats/Attacks
Improper commands sent to the controller and backend servers through unauthorized access
Internet-exposed devices and systems disrupted by DDoS
System tampered with to install malware, illegally modify devices, or steal data
Safety systems or operations disrupted through the electronic jamming of wireless transmissions
Vulnerabilities in hardware, software, OS, or protocols exploited for malicious purposes
Payment Applications and Systems
Process payments pertaining to road usage, parking, or congestion charges.
Potential Threats/Attacks
Malware installed to disrupt operations and/or steal data
Internet-exposed devices and systems disrupted by DDoS
System compromised and used as an entry point into a corporate network
Vulnerabilities in hardware, software, OS, or protocols exploited for malicious purposes
Weak authentication mechanisms brute-forced or abused for unauthorized access
Management Applications and Systems
Manage the myriad of interconnected systems that form ITS components.
Potential Threats/Attacks
Malware installed to disrupt operations and/or steal data
Weak authentication mechanisms brute-forced or abused for unauthorized access
Internet-exposed devices and systems disrupted by DDoS
Vulnerabilities in hardware, software, OS, or protocols exploited for malicious purposes
Improper commands sent to the controller and backend servers through unauthorized access
Communication Applications and Systems
Manage the flow and distribution of data gathered by the various systems of the ITS.
Potential Threats/Attacks
Operators subjected to social engineering attacks
Malware installed to disrupt operations and/or steal data
Improper commands sent to the controller and backend servers through unauthorized access
System compromised and used as an entry point into a corporate network
Vehicle-to-vehicle/vehicle-to-infrastructure messages spoofed or faked
Vehicles
Roadway Reporting Systems
Traffic Flow Controls
Payment Applications and Systems
Management Applications and Systems
Communication Applications and Systems
For details on the ITS ecosystem, guidelines on protecting it from cyberattacks, and more, read the research paper: “Cyberattacks Against Intelligent Transportation Systems: Assessing Future Threats to ITS.”
HIDE
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.