While many regard it as a harmless prank, the trend exposes potentially dangerous vulnerabilities that exist with modern smart city technology that operates on wireless and Bluetooth technology.
The messages first appeared in Northern California cities including Palo Alto, Redwood City and Menlo Park, featuring fake messages from Meta CEO Mark Zuckerberg and Tesla CEO Elon Musk.
A similar stunt appeared in Seattle where crosswalks were sounding a fake recording claiming to be Amazon founder Jeff Bezos criticizing local tax policies.
HOW WERE THE CROSSWALKS HACKED?
While none of the targeted governments have revealed how the hacks occurred, security experts theorize the pranks were made possible due to the Bluetooth or Wi-Fi technology that the infrastructure runs on, combined with passwords or pins that may have been left at their default settings.
Polara, a company that specializes in accessible pedestrian signal systems, reports they have installed more than half a million crosswalks in more than a thousand cities. Their wireless ped system is set up with a field service app that can create a “secure encrypted connection in moments.”
If any access points used for remote management are connected to a Wi-Fi network with default credentials, unauthorized individuals could potentially gain access to this network. Additionally, if the wireless communication between the buttons and the controller lacks proper authentication or uses default keys and passwords, a knowledgeable attacker with the right equipment could potentially change the crosswalk sound to play a different message.
“It’s an amusing hack, no harm done, but it points to a bigger picture where harm can be done,” said Brett Walkenhorst, chief technology officer for Bastille, a company that specializes in wireless airspace technology.
Walkenhorst said it’s possible someone may have identified the model of crosswalk technology, found a manual for the system online and used it to learn how to configure the system and default settings.
“Because it’s fairly easy to pull off, it calls into question the broader infrastructure,” said Walkenhorst, adding that even a crosswalk hack could be dangerous. “If maybe erroneous audio were uploaded to tell someone the wrong thing, then you’ve got someone who is visually impaired listening to that, setting out into the crosswalk when they shouldn’t.”
Furthermore, he added that as wireless technology becomes more common, these incidents should serve as a wake-up call to governments about the importance of securing these systems.
“I get most concerned when I think about things that are critical safety systems, or public health issues like oil, gas, power and water. There’s a lot of important infrastructure that we all rely on with pieces of networks that simply are not hardened from a cybersecurity perspective,” he said.
GROWING TECHNOLOGY THAT REQUIRES SAFEGUARDS
A significant portion of the world relies on wireless communication, with Bluetooth technology powering 25 percent of connected IoT devices globally, according to a recent report from IoT Analytics. According to Walkenhorst, many governments have turned to Bluetooth connections because it’s inexpensive and convenient.
“The downside is because they’re cheap and because we haven’t thought through all of the challenges, things get thrown out in the field and they aren’t locked down properly,” he said.
To avoid vulnerabilities, Walkenhorst said it’s important to have a process in place to manage these systems. Ideally, IT and procurement should communicate to ensure, at the very least, default pins and passwords are changed.
“When it comes to deployment, they need to put together a plan to make sure that the system is locked down,” he said. “I think a lot of times that probably doesn’t happen. Maybe the process isn’t really defined rigorously, and maybe if it is defined it's not always followed. There’s lots of ways this can slip up.”
Furthermore, he pressed that governments of all sizes can audit themselves for this kind of vulnerability with a simple first step: an inventory of wireless and Bluetooth-enabled systems. That would allow them to go down the list to ensure each solution has been secured.
“If we don’t have visibility into it, we can’t begin to address the problem,” said Walkenhorst.
