I’ve never heard of it, but it’s real. There is a web site and a trade show devoted solely to hacking into computer systems and finding ways to prevent it. The site is called “Dark Reading.” The trade show is the “Black Hat USA” conference.
These groups are looking into the security of and hacking into on street parking equipment. You can read all about it here.
I love the headline: Parking Meters: The Next Big Hack?
I quote from the article and Security Researcher Joe Grand:
“Why parking meters? It’s a combination of everything, software, hardware, network connectivity and it’s a physical real application used all over the world. They’re taken for granted. It’s just a big metal box in the ground where you shove your money into it, get your parking and you walk away.” Grand added that most parking meter users don’t think about the financial risks and the social implications of the parking meters if there was to be security breach against them.
In 2003, San Francisco replaced 23,000 mechanical meters with new smart parking meters at a cost of $35 million. Grand noted that other major cities in the US and around the world have also adopted a new generation of smart parking meters. These meters provide smart card capabilities, can take credit cards in some cases, have display screens and are usually networked.
From a security point of view, there are multiple angles to examine on a parking meter. With smart card meters where there are cards that are loaded with dollar values, those cards could potentially be reset or reloaded. Some meters also take credit cards and that information might be stored on the meter where an attacker could potentially grab the information.
In some cities, the meters are connected by wireless networks while in other cases they can be accessed by way of an infrared wireless device. Grand noted that meters could potentially be reset to give free parking – or on the other side to expire parking for a valid spot. Smart meters also often have LCD screens which Grand commented could hypothetically be used by a hacker to transmit messages.
So you wonder. Do our manufacturers have all this in mind when they write the software that runs the parking systems?
Think about it – Someone who hacked into a parking system could change the rates, make parking free at all times, copy the numbers off credit cards, put their own messages on the displays, add money to debit cards, or cause all types of mischief. These security hackers try to break into systems and then, I assume, sell their knowledge to the manufacturers to show them how to prevent it from happening.
I used to work in that part of the industry. My old boss always told me that security in computers was illusionary. “The minute you think you have something that is completely secure,” he would say, “Is the moment you think you are smarter than everyone else. And of course that’s never true.”