Hacking at 3 ft
| Friday, January 11, 2008 | Steven Andrés |
I saw this article about a train derailment from The Register posted on Hoff's blog and then again on Wysopal's. It made such a nice bookend to Dave's 787 Dreamliner post from last week that I just had to re-post it. It seems like this may be the year when the transportation-related industry takes a good hard look at its network security architecture (and a hard look at metasploit wouldn't hurt them either).
A Polish teenager allegedly turned the tram system in the city of Lodz into his own personal train set, triggering chaos and derailing four vehicles in the process. Twelve people were injured in one of the incidents.
The 14-year-old modified a TV remote control so that it could be used to change track points, The Telegraph reports. Local police said the youngster trespassed in tram depots to gather information needed to build the device. The teenager told police that he modified track setting for a prank.
...
Transport command and control systems are commonly designed by engineers with little exposure or knowledge about security using commodity electronics and a little native wit. The apparent ease with which Lodz's tram network was hacked, even by these low standards, is still a bit of an eye opener.
The 14-year-old modified a TV remote control so that it could be used to change track points, The Telegraph reports. Local police said the youngster trespassed in tram depots to gather information needed to build the device. The teenager told police that he modified track setting for a prank.
...
Transport command and control systems are commonly designed by engineers with little exposure or knowledge about security using commodity electronics and a little native wit. The apparent ease with which Lodz's tram network was hacked, even by these low standards, is still a bit of an eye opener.
NOTE: Yes, I blatantly ripped off Hoff's clipart -- with permission.
