Cities are getting tech-heavy continuously. Authorities are spending lot of money for improving machine-to-machine communication, creating intelligent energy management, predictive traffic control systems and mobile app-enabled parking. Everything tech-driven will be interconnected. However, this utopian dream has its demerits too.
According to the security blog Dark Reading, cybercriminals are already focusing on stealing user credentials. Email addresses and passwords were ranked as the most robbed digital commodities of 2015 according to the blog. Additionally, attackers, obviously have elevated their malware game that will certainly hamper the functioning of smart cities. It can lead to a situation known as data sabotage.
Any metropolis running on complex and integrated technology can be hacked by cyber criminals.
Data Sabotage: A Big Reason To Worry
With every benefit it offers, there are also certain smart city failures or dangers waiting for you when you live in a smart city. So, what are they? Let us discuss.
CNBC says that smart cities will work up data collection and sharing process. Hence, it can result into data sabotage. It can be one of the biggest problems with smart cities you can face in the future. National Intelligence’s director, James Clapper says, “decision-making by senior government officials, corporate executives, investors or others will be impaired if they cannot trust the information they are receiving.”
Researchers have already pointed out that increasing of use of Internet of Things will be a key catalyst for cyber-attacks in the future. With cities obligated to fulfill demands of different departments in private and government sector and overheads like public data management, protecting data becomes a very difficult task. Now this isn’t merely a hypothetical concern. Imagine if cyber criminals were able to turn every traffic light into green at once during rush hour. The situation could not only block roads, cause mishaps and trouble police resources. It could also pull network bandwidth from extremely critical systems to solve the problem.
This will leave those critical systems unguarded and vulnerable to data theft. We can refer to incidents such as security firm Infocyte discovering malware attack on the network of VIA Metropolitan Transit. Even though VIA’s security was considered impenetrable, malware was able to make its way to destabilize the system. Though no damages occurred in the attack, it was proved that even the best security networks in the city were perishable.
Interconnectivity, which is considered as one of the most strong aspects of smart cities can also its greatest vulnerability or a smart city failure.
In September 2016, CyberScoop reported that one-quarter of the networks consumed by SFMTA (San Francisco Municipal Transportation Agency) was hacked and infected by malware developers. The security breach resulted into SFMTA opening the entry gates for free for some time that caused financial loss for the company. However, the attacker could have taken control of traffic signals or the entire train operating system. Another incident reported by Infosecurity magazine states that 40% of America’s ICS (industrial control systems) that manages vital infrastructure like water operations and power were hit by malware developers in 2016.
UK based technology brand Information Age presented a threat-model where smart vehicles could transmit malware attacks to different urban networks. They described how network-enabled vehicles can infect malware into the transportation smart grid. Cyber criminals can affect low-level systems to degrade total network performance. They can even control citywide services and ask for huge ransom.
Need For Security
And the above-mentioned incidents are just the beginning or can be considered as the tip of the iceberg. Attackers could switch off the entire smart streetlight grid of the smart city putting the entire city into darkness. It could consequently invoke all sort of chaos. Further, compromising emergency service systems could aid attackers to fabricate an emergency, which could pull military troops from highly sensitive areas, making them vulnerable. With interconnected smart city models, there’s nothing a motivated cybercriminal cannot compromise.
Smart cities, however, offer increased resilience. An IBM white paper notes that enabling access to a wide range of data sources, using the data for empowering awareness of potential hacking incidents, smart cities will be able to detect malware threats in a better way. They will be able to react to the situation more quickly than ever before. Moreover, Big data analytics could help smart cities to improve resource deployment, planning and in making better decisions in terms of security. It will make them more resistant and resilient to cyber-attacks. Even though network services including IoT hold serious security issues for smart cities, the association of enhanced public safety and proactive solutions should offset this risk.
With cities becoming smarter every day, the question is no more if the cities will be attacked but when will they be attacked. TechCrunch states that cities must start prioritizing data security. Important data must be encrypted and data sensors must be regularly checked to ensure extensive security. Better software examining exercises are also required.
With IoT enjoying significant growth, developers need to create secure devices. They should put security over time-to-market while building products. The final goal of a smart city is to empower residents and the society and reduce potential risks.
Despite of these potential threats to both public and the government, they will smart and interconnected cities will soon become reality. However, the gains offered by smart cities often counterbalance security issues and risks of IoT and other intelligent technology. Although, it seems impossible to create impenetrable infrastructure, the union of basic security regimen powered by cloud-based detection tools can help smart cities to get advance alerts about malware attacks. Thus, authorities could react timely and reduce or even negate damage caused to critical services.