Jun 06 A Sign of the Times — Hacking Signs. Electronic Road-Sign Hackers Reveal a Downside to “the Internet of Things.”
Remember the good old days when defacing road signs meant two barrels of double-ought buckshot in a deer-crossing sign on a rural dirt road? (Note: If it needs saying, we are indeed joking. Oh, you knew it all along.)
Anyway, the modern equivalent of the shotgun, but capable of being just as dangerous, is hacking into the software controlling an electronic road sign and changing the message — for instance from “DANGER BRIDGE OUT” to “HAPPY MOTORING. DON’T FORGET TO BUCKLE UP.”
The Internet of Things provides the ability to virtually control anything that connects to the Internet and offers up all kinds of possibilities for improving life from checking the security of the home while you’re on vacation to ensuring the dog isn’t eating the sofa while you’re at work. It also has downsides.
In his blog, KrebsonSeurity, Security Expert Brian Krebs, writes that authorities in several states have reported that hackers have broken into and defaced electronic highway road signs in several states. He quotes the Multi-State Information Sharing and Analysis Center (MS-ISAC) as observing “changes to road signs create a public safety issue because instead of directing drivers through road hazards, they often result in drivers slowing or stopping to view the signs or take pictures.
“That same MS-ISAC notice…points out that these incidents appear to be encouraged by sloppy security on the part of those responsible for maintaining these signs.” You may read Krebs’ entire article by clicking on this link.
Andreas Baumhof, ThreatMetrix’s chief technology officer, maintains, “the Internet of Things is coming on faster than we can cope with it. Soon enough, we will be living in smart houses and all of our critical infrastructure will be managed online. This extensive interconnectivity poses a severe risk with cybercriminals having more and better opportunities to disrupt critical utilities such as our nation’s water supply and other vital infrastructure.”
As well as warning of the dangers presented by the Internet of Things, Baumhof talks about a positive solution. “Given today’s sophisticated cybercriminals [and hackers, organizations] must collaborate through a global network for a collective response to cybercrime.”
To protect themselves against this newest threat to security, organizations including state governments, financial services, e-commerce, payments, enterprises, social networks and others can turn to global data repositories such as ThreatMetrix’s Global Trust Intelligence Network, nicknamed The Network.
ThreatMetrix® builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.
ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 500 million monthly transactions and protects more than 160 million active user accounts across 2,500 customers and 10,000 websites.
The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.
For more information, visit www.threatmetrix.com or call 1-408-200-5755.