Road safety concerns raised after hacker attack on electronic signs

Security specialists have traced a hacking attack which left electronic road signs in Crawley town centre displaying offensive messages for over two hours to a hacking group in the US.

The hackers gained access to 11 variable display parking signs in Crawley, West Sussex, after gaining access to the system through a remote maintenance website.

The incident has raised concerns among road safety specialists who warn that similar attacks could have the potential to distract or mislead drivers and put lives at risk.

"It is worrying because the potential for causing an accident is quite high," said Phil Blythe, professor of transport at Newcastle University.

"If the messages look like official messages, such as telling driver to divert or other misleading information, you could potentially cause all sorts of chaos."

According to the council, hackers broke into the system at 6:45am on 31 October, reprogramming 11 signs to display obscene messages and the word Totse, a reference to a US anarchist website, sparking complaints from motorists.

The signs, which direct motorists to car parks with free parking spaces, are linked by telephone lines to sensors in 11 car parks and to a computer terminal in the council's offices.

Liz Robbins, senior engineer at West Sussex District Council, said that hackers had gained access through an internet site used by engineers for remote diagnostics. The site had recently replaced a direct-dial telephone maintenance link.

Only a handful of engineers at the council and at its supplier, Dambach, had access to the site, which was protected by a password.

"We changed the remote access to the system. That is how they got into the computer. It was not a fault in the system itself. It was just the set up for the remote access," Robbins said.

The passwords have now been changed, and extra passwords added to protect the system. Engineers also plan to add a virtual private network to encrypt traffic to the road signs.

A security consultant called in by the council has traced the attack to an internet address in the US, and an American ISP has been asked to take action, Robbins said.

The system is managed and maintained by Dambach, a specialist sign company, which supplies councils across the UK and the Highways Agency with variable message signs.

The firm declined to comment on the cause of the incident or the measures it had taken to protect its systems. But the company did say it was confident that hackers could not strike gain or gain access to other Dambach systems.

"We are confident it will not happen again because it was just a local problem during a particular sequence of events when we were setting the system up," said Carl Dyer, technical manager at Dambach.

The firm said it would be writing to its customers to explain what had happened, but did not think it was appropriate to discuss the issue in public.

US website Totse contains articles on how to make bombs, plastic explosives, and drugs. One article gives details on how to change traffic lights.