Researcher warns: electronic tolling vulnerable to hackers

| Tuesday, August 12, 2008

A California researcher warns that electronic tolling transponders are vulnerable targets for computer hackers.

Nate Lawson of Root Labs in Oakland, CA, who helped design digital security layers for products including Blu-ray discs, told attendees of an annual technology security conference called Black Hat, Aug. 6 in Las Vegas, that believes the FasTrak system in California could be hacked and “cloned” by thieves at the expense of the account holder.

The topic of Lawson’s seminar was “Highway to Hell: Hacking Toll Systems.” In the presentation, he described how he bought a transponder at a supermarket, took it apart, and found a way to breach certain firewalls.

“I’m reasonably certain an attacker can send a couple messages to a FasTrak transponder and wipe its internal ID,” Lawson stated online following the presentation. Click here to read Lawson’s explanation.

Lawson told Land Line that all existing electronic tolling systems work on similar principles, but he had not yet researched other systems such as E-ZPass or SunPass.

“They’re very similar in terms of basic protocol, but I haven’t taken them apart yet,” he said.

Transportation Corridor Agencies in Southern California use FasTrak for toll roads.

A spokeswoman for the agency insists that people’s personal information, including credit card numbers and account numbers, could not be retrieved or stolen even if someone hacked a transponder.

“We don’t see it as a big threat,” spokeswoman Lisa Telles told Land Line.

“Certainly, someone with the right equipment could pull a number off one of the transponders, but it’s only a number. What people are most concerned about is can credit card information and personal information be obtained, and it can’t.”

Telles said it is possible that someone could hack a transponder and get through a tolling plaza undetected for a brief period of time, but she called it “a lot of work for a little reward.”

She said the agency cancels transponder numbers that fall out of good standing, and that could lead to the apprehension of hackers if they tried their luck one too many times on a toll road or bridge.

“Violators are caught through photo ID at the toll plaza,” she said, adding that it is important for customers of electronic tolling systems to track their transactions regularly and report any indiscretions.

Telles said she was aware of Lawson’s research for about a month before it was made public.

Lawson said he’s just trying to help agencies and customers avoid security hassles by pointing out flaws.

“I’m hoping what I’ve found can help officials improve the security and privacy of these systems,” Lawson stated online.

– By David Tanner, staff writer
david_tanner@landlinemag.com

Comments