Government CIO Outlook, September 2017

Intelligent Transportation Management Systems: Cybersecurity Concerns

Growing Interconnectivity and Automation

Intelligent Transportation may be thought of as the integration of transportation control systems through communication networks to enable the automation of services related to the movement of goods or people. Intelligent systems are being adopted for efficiencies in transport. For example, when a vehicle arrives at a quiet intersection, a ground loop within the pavement triggers the traffic light to change, allowing the vehicle to proceed sooner. Another example on a larger scale is the ability of a smart grid to modify traffic light patterns to accommodate evacuation routes in response to an impending hurricane. Such control is accomplished through the increased connectivity of previously disconnected signal systems. Having intelligent systems able to adapt to changing situations and synchronize across a geographic region can increase the efficiency of congestion control, emergency operations and maintenance.

Threats and Vulnerabilities

A convergence of communication networks and transportation control systems is occurring that makes it possible to cause kinetic (physical) events in systems such as traffic lights, rail control, and even aviation/maritime navigation. Cybersecurity and physical safety can no longer be treated as separate areas of concern. While local threats to transportation systems have long existed, threat actors from across the world can now cause damage in the form of kinetic effects. Transportation control systems were designed before cybersecurity was a consideration. Engineering principles of control and safety, rather than security, drove their design, and they were built for long-term use lasting decades. Conversely, network communication systems such as modern workstation operating systems are designed with typical equipment lifecycles of five years.
Many transportation control systems today are still managed through Windows XP, a deprecated operating system with unpatched vulnerabilities. Similarly, Programmable Logic Controllers (PLCs) are often employed to bridge communications networks with control systems. PLCs are often installed with default passwords, which can be easily exploited by an attacker. It is believed that in 2009 hackers may have used default passwords to break into electronic road signs in Austin, TX to display the words, "Zombies in Area Run!" While this attack may seem humorous, it can cause serious problems on roadways.

A more serious threat was exposed in 2014 by students at the University of Michigan. In a research study titled "Green Lights Forever: Analyzing the Security of Traffic Infrastructure", students successfully demonstrated how an adversary can control traffic infrastructure to cause disruption and safety issues through the manipulation of traffic lights. The key vulnerability findings included a lack of encryption, default usernames and passwords, and vulnerability to known exploits.

Roadways aren't the only targets of interest to threat actors. In 2015, four cyberattacks on UK rail were discovered by the private security firm Darktrace. While the attacks were reconnaissance in nature, the threat actors gained access to computer systems which control train systems, rail signaling and safety settings. This breach certainly exposed the potential for a catastrophic event.

Similarly, the maritime sector is equally vulnerable to the increasing connectivity of intelligent transportation systems. Interconnected navigation systems aboard vessels receive updates while at sea. Compromising these systems can lead to both physical dangers from ships

In My Opinion
By Thomas Gresham, CISO, Port of San Diego