- Undocumented cellular radios were found in power inverters and battery systems used in US highway infrastructure
- Concerns include remote tampering, data theft, and sabotage
- Many affected devices were made in China, reigniting tensions over cybersecurity and foreign tech, with China denying any wrongdoing
Certain power inverters and battery management systems (BMS), found in highway infrastructure equipment placed along US roads, contained “undocumented cellular radios”.
This is according to a new security advisory distributed by the US Department of Transportation’s Federal Highway Administration last month, Reuters reported.
At this point, it seems that no one knows for certain who placed the radios[1] or what their purpose is, but there are speculations that the hardware could be used to remotely tamper with the equipment, steal data, or sabotage roadside infrastructure.
Hidden comms in highway tech
The hardware containing these power inverters and BMS’ includes signs, traffic cameras, weather stations, solar-powered visitor areas and warehouses, and electric vehicle chargers.
The Federal HIghway Administration advised local authorities to inventory all inverters installed on US highways, and scan them with spectrum analysis technology to see if they contained any unexpected communications. If they find something, they should disable and remove the radios, and make sure their networks are properly segmented.
While the question remains who placed the radios, many of the installed inverters were manufactured in China. The Chinese Embassy in Washington told Reuters in a statement that it opposed “the distortion and smear of China’s achievements in the field of energy infrastructure.”
This is not the first time China was in the epicenter of a cyber-espionage story, since a story similar to this one was published on Reuters in May. Also, during Donald Trump’s first term as US president, he banned Huawei[2] from building out its 5G infrastructure, fearing that the Chinese company might be pressured by its government to install backdoors and allow the Chinese government to eavesdrop on US communications. Other companies, such as ZTE, were blacklisted at the time, as well.
China always denied all accusations, offering to open up its source code and allow European oversight during installation.