Traffic system's dodgy passwords could let in hackers
DODGY computer passwords could allow hackers to hijack the New South Wales traffic management system and cause crashes, the state's Auditor-General has found.
A review of the system's internet security found dangerous flaws in password practices, internet filtering and access logs - the list of computer details kept after files have been accessed.
"There is a potential for unauthorised access to sensitive information and systems that could result in traffic disruptions, and even accidents in one particular section of the road network," NSW Auditor-General Grant Hehir found.
Transport for NSW secretary Dave Stewart accepted sensitive information and systems could be hacked, but rejected the claim it could be used to cause crashes.
"Over the years, agencies than are now part of the transport cluster have spent considerable effort to ensure NSW has safe and reliable traffic management systems," he wrote.
"One key system, SCATS, monitors and manages some 4000 traffic light intersections across NSW.
"SCATS continues to be developed by Roads and Maritime Services and is now implemented in 27 countries around the world."
Lazy passwords not just stopping traffic
TRAFFIC light operators are not the only ones with vulnerable passwords.
US web security firm SplashData released its "worst passwords" list of 2014 on Wednesday - and it was frightening how weak the top hits were.
The most common code was "123456", followed by "password", "12345", "12345678" and "qwerty".
"Dragon", "batman" and "football" also made last year's lazy list, while "iloveyou" dropped off the top 25 ladder from 2013 to 2014.
The data was compiled from more than 3.3 million passwords leaked during the year.
The worst offenders came from North America and Western Europe.
"Passwords based on simple patterns on your keyboard remain popular despite how weak they are," SplashData chief Morgan Slain said.
"Any password using numbers alone should be avoided, especially sequences.
"As more websites require stronger passwords or combinations of letters and numbers, longer keyboard patterns are becoming common passwords, and they are still not secure."
25 MOST COMMON PASSWORDS
1 - 123456
2 - password
3 - 12345
4 - 12345678
5 - qwerty
6 - 1234567890
7 - 1234
8 - baseball
9 - dragon
10 - football
11 - 1234567
12 - monkey
13 - letmein
14 - abc123
15 - 111111
16 - mustang
17 - access
18 - shadow
19 - master
20 - michael
21 - superman
22 - 696969
23 - 123123
24 - batman
25 - trustno1