According to the research conducted by Trend Micro; Among the Intelligent Transportation Systems (ITS), many systems, such as vehicles, highway reporting, traffic flow control, payment systems management applications, are among the targets of cyber attackers. Just announced by the press since the beginning of this year; The 11 attack on the ITS infrastructure of the US, Germany and Russia is proof of this.
From driverless vehicles to smart roads, Intelligent Transportation Systems that are fully integrated and interconnected on the internet infrastructure are increasingly becoming a part of our lives. However; saving lives and the environment, time and money kazanThis smart transportation system, in which advanced and developing technologies are used to Considering that all internet-supported technologies are open to cyber attack threats, it is possible for a possible attack to cause disruption of commercial activities, loss of turnover and even significant security risks. Trend Micro's report “Cyber Attacks on Intelligent Transportation Systems: Evaluation of Future Threats in ITS”, which examines the threats that will cause the actual disruption of the traffic infrastructure, data and information flow, functions and services integrated into ITS, reveals many important details. The research also includes short- and long-term recommendations needed to secure ITS against such intense threats.
In the study, the most important components of ITS, vehicles, highway reporting systems, traffic flow control, payment systems management applications and systems, communication applications and systems were determined as the target points of malicious attackers. The ITS ecosystem, in which all of these components are linked, has not yet been truly implemented. There is at least 10 year for each vehicle and every motorway ITS system to be connected with each other. But today, the attacks on the ITS infrastructure are increasing day by day. Since the beginning of this year, the 11 attack in the US, Germany and Russia has been featured in newsletters and newspapers.
For example, in August, computerized road message boards in California were attacked. Instead of traffic-related messages, aggressive messages were written, such as ül There are herpes in Trump, kadınlar kadınlar Free women in the future Trafik and 'Attention to Asian drivers Trafik. Although the message board was protected by a password, hackers were able to decrypt and write their own messages. Although these jokes were a hidden secret, they distorted the attention of the drivers and endangered road safety.
Artificial intelligence can create new criminals in the future
Cyber-attackers of ITS; the same people attacking institutions, governments and critical infrastructures. Although this ITS infrastructure seems to be easy to secure, the reality is very different. The ITS ecosystem is evolving every day and of course the attacks are changing in parallel. Therefore, it is not unreasonable to imagine that in the future, artificial intelligence actors who are not seen as threats today will emerge as new criminals.
The only purpose of ITS attacks is not money
Money is the key issue that drives cyber attacks in general. But in the ITS world, not every criminal who attacks the ecosystem does it for money. ITS systems can be seen by a high number of people, and the attacks on them have a high impact. This is what drives many criminals. Looking at the top 5 goals of those attacking ITS ecosystems, ransom, data theft, information warfare, theft by playing with the system, and revenge - terrorism come to the fore.
From a cyber security perspective, the first reason to hack ITS systems is to be the entry point for the larger ITS ecosystem. Anyone can access ITS systems on the roadside physically and can connect to them via the Internet or VPN (virtual hacker networks). If the attacker is able to use the ITS system successfully to access the corporate network, the ITS system is considered to be a reliable network, so they can go deep into the network with minimal effort.
Looking at the number of modeled threats in the research, 54 is considered to be high risk, 40 is at moderate risk and 6 is low risk. The high-risk threats include 71 network attacks (NET), 31 wireless attacks (WIR) and 26 (XYUMX) physical attacks (PHY). NET, WIR and PHY attacks intersect with each other, these figures emerge. The reason for this is that depending on the nature and functionality of the attacked ITS device / system, different attack types can be PHY, WIR and / or NET at the same time.