Stealing SIMs from Traffic Lights
Friday, 14 January 2011

It's a clever idea - create a network of traffic lights that communicate using radio data links. Unfortunately when thieves discovered that the lights used standard SIM cards the temptation proved too great.

Banner

 

If you are creating embedded code for a device then security isn't usually uppermost on your list of concerns but a news item from South Africa should make you pause to consider an aspect of security you might well overlook.

The clever administrators of the City of Johannesburg must have thought it was a really great idea when they decided to install traffic lights that communicated with the central control via a cellular modem - no wires needed for the data link and you only pay for what you use.

Cellular data links are an attractive option for any distributed embedded device be it a monitoring unit or a control device like the traffic lights. However, and you can probably guess what's coming, each cellular modem needed a SIM to make connection and the SIMs used were 100% standard mobile phone SIMs with standard accounts.  When enterprising thieves learned that there were lots of poles with free SIM cards on top the result was inevitable. Unfortunately the thieves damaged the traffic light control units in the removal of the SIM card and now the city faces a large (R8.8 million) bill to replace all of the damaged lights.

simcard

The stolen SIM cards have now been blocked and the designers are trying to work out how to make the electronics less attractive to thieves.

The long term solution is probably to use custom SIM cards that don't fit let alone work in a standard phone. However, when designing embedded systems it is always going to be attractive to make use of existing off the shelf hardware - it's generally cheaper and doesn't involve any development process. Some measure of security would have been achieved if, say, the SIM was data-only or if it was locked down using digital security, but it's physical appearance might still have encouraged thieves to steal it.

With the growth of the "Internet of things" this is a problem that can only get worse. 

More information

Official Johannesburg website report

Discussion at the Schneier on Security blog

 

Banner


TestSprite Announces End-to-End QA Tool
14/11/2024

TestSprite has announced an early access beta program for its end-to-end QA tool, along with $1.5 million pre-seed funding aimed at accelerating product development, expanding the team, and scaling op [ ... ]



Uno Announces Platform Studio
19/11/2024

Uno has announced Uno Platform Studio, a suite of productivity tools featuring Hot Design, which they describe as a next-generation Visual Designer for .NET cross-platform apps.


More News

Last Updated ( Friday, 14 January 2011 )