Here's how easy it is to hack a traffic light with a laptop

In a new study, a group of computer scientists from the University of Michigan recently revealed a major vulnerability in an unlikely hacking target: traffic lights.

Using nothing more than a laptop and a wireless card that operated at the same frequency (5.8 gigahertz) as the wirelessly networked traffic lights, the group was able to take control of a number of lights in an unnamed area of Michigan (they had the permission of local authorities). This meant that they could alter the normal timing pattern of the lights, turning all the lights along a given route green, for instance, or freezing an intersection with all reds.

they could alter the normal timing of lights, or turn them all red

An estimated 62 percent of traffic lights nationwide are networked — many via wireless radios —so they can communicate with other intersections or a central server to optimize the flow of traffic. But, at least in some places, designers have taken no steps to protect these systems from outside threats.

The system tested by the researchers broadcast an unencrypted wireless network that was visible on normal laptops and smartphones, although they can't normally connect to it. But it only took a tiny bit of extra work for the researchers to do so, in part because whoever installed the system left default user names and passwords in place.

Once they had access, they could use a series of simple commands to freeze the traffic lights in their current state, or turn all lights red, or alter the timing of the light changes. The one thing they couldn't do was give all sides of an intersection a green light — that'd take physical access to the roadside traffic cabinet housing failsafe equipment, which automatically switches the whole intersection to a flashing red if a dangerous configuration occurs.

Still, the ease with which they took control of the lights is disturbing. That kind of control could easily allow someone to disastrously disrupt the flow of traffic in a busy area, and while it's uncertain whether all systems are so poorly protected, similar vulnerabilities have been found by others in cities across the US.

(Thanks to MIT Technology Review for the link.)

Correction: This previously stated that 62 percent of traffic lights are wirelessly connected. 62 percent are connected, but some fraction of those are connected through cables.

We're here to shed some clarity

One of our core beliefs here at Vox is that everyone needs and deserves access to the information that helps them understand the world, regardless of whether they can pay for a subscription. With the 2024 election on the horizon, more people are turning to us for clear and balanced explanations of the issues and policies at stake. We’re so grateful that we’re on track to hit 85,000 contributions to the Vox Contributions program before the end of the year, which in turn helps us keep this work free. We need to add 2,500 contributions this month to hit that goal. Will you make a contribution today to help us hit this goal and support our policy coverage? Any amount helps.

One-Time Monthly Annual

$5/month

$10/month

$25/month

$50/month

Other

$

Yes, I'll give $5/month

Yes, I'll give $5/month

We accept credit card, Apple Pay, and Google Pay. You can also contribute via