BC: TransLink Bus Hacked Yesterday?
How secure are TransLink’s computer networks? Not very, apparently…
Yesterday morning, I spotted this conversation on Twitter:
I wasn’t surprised – I’ve heard from several sources over the years that TransLink’s networks were vulnerable. So I asked a computer expert friend of mine what this meant:
It would appear, based on the information provided in the link, that a member of the public was able to determine the SSID of the on-board router (no doubt they use the same SSID on each and every bus, a very amateur move) and simply jammed it by offering up the same SSID on the same channel from their mobile phone. This is a basic and simple way to shut down any router. I would say hacking 101, which any reasonable IT administrator should not allow.
Another computer expert I spoke with told me this:
The ticket machine is communicating via wifi. The device the ticket machine is communicating with has the SSID tra761331 so by setting up a device near that machine with the same SSID you get a scenario where the ticket machine will connect to the spoofed device - this creates the service interruption.
Here's what this might mean:
With this method and the right knowledge, it's possible that someone could intercept information. For that to happen, there would have to be other security-related oversights and possibly some information on how the ticket machine and its host communicate, but that doesn't mean it's not possible. I can't tell much from the image in that tweet - which is good... we can be certain that *any* security breach can pose potential risk.
Because this flaw is directly part of the ticket machine's network, the security of card transactions comes into question. It calls TransLink's PCI (Payment Card Industry) compliance into question.
The term PCI triggered my memory. In October 2011, I made a Freedom of Information request for a PCI compliance audit of TransLink, done by Deloitte and Touche and Bell Canada Consulting Systems. I was denied access, due to security concerns. Looks like the security concerns haven’t been addressed…
Don’t worry, though. TransLink says they’re on it.
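
An added example, not part of the original post and not anything TransLink runs: a defender-side check over a Wi-Fi survey that flags a second radio advertising a managed SSID, the condition both experts describe above. Only the SSID tra761331 comes from the post; the BSSIDs, the second SSID, the scan rows and the inventory format are constructed assumptions.

```python
# Constructed survey rows: BSSID, SSID, channel, signal (dBm), security.
# Only the SSID "tra761331" comes from the post; everything else is made up.
SCAN = """\
02:00:00:aa:bb:01,tra761331,6,-48,WPA2
02:00:00:cc:dd:02,tra761331,6,-31,OPEN
02:00:00:aa:bb:09,tra761400,11,-70,WPA2
02:00:00:ee:ff:03,CoffeeShop,1,-60,WPA2
"""

# Hypothetical fleet inventory: SSID -> (authorised BSSIDs, required security).
INVENTORY = {
    "tra761331": ({"02:00:00:aa:bb:01"}, "WPA2"),
    "tra761400": ({"02:00:00:aa:bb:09"}, "WPA2"),
}

def parse_scan(text):
    """Turn the comma-separated survey rows into dictionaries."""
    rows = []
    for line in text.strip().splitlines():
        bssid, ssid, channel, signal, security = [f.strip() for f in line.split(",")]
        rows.append({"bssid": bssid.lower(), "ssid": ssid, "channel": int(channel),
                     "signal": int(signal), "security": security.upper()})
    return rows

def find_evil_twins(rows, inventory):
    """Return (bssid, ssid, reasons) for beacons that reuse a managed SSID."""
    findings = []
    for row in rows:
        if row["ssid"] not in inventory:
            continue  # not one of our networks
        allowed, required = inventory[row["ssid"]]
        known = row["bssid"] in allowed
        reasons = []
        if not known:
            reasons.append("unknown BSSID")
        if row["security"] != required:
            reasons.append("security mismatch")
        # Signal of the authorised radios seen for this SSID in the same survey.
        legit = [r["signal"] for r in rows
                 if r["ssid"] == row["ssid"] and r["bssid"] in allowed]
        # A look-alike that is louder than the real AP is the one clients roam to.
        if not known and legit and row["signal"] > max(legit):
            reasons.append("stronger than authorised AP")
        if reasons:
            findings.append((row["bssid"], row["ssid"], reasons))
    return findings

if __name__ == "__main__":
    for finding in find_evil_twins(parse_scan(SCAN), INVENTORY):
        print(finding)
```

A BSSID can be copied as easily as an SSID, so an allowlist like this only catches the simple case described in the post. What keeps a client off a look-alike network is the client authenticating the network itself, for example WPA2-Enterprise with server certificate validation.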