Are Smart Cities Smart Enough to Tackle Cyber Attacks?

Written by

Integration of technology in every aspect of our lives has built the world around us and cities are rapidly adapting to smart technologies too. However, the faster deployment brings with it various issues.

Understanding Smart Cities' Potential
To begin with, it's important to understand the definition of a “smart” or “intelligent” city. Simply put, these are cities that integrate technological devices with their physical infrastructure such as civic utilities.

This integration benefits cities in many ways, For instance, it helps in streamlining communications, cutting costs, providing better services to residents through automation and more accurate data collection and analysis. There are many different examples of smart city technologies being used. These include:

  • Traffic lights and parking sensor technologies which improve traffic patterns by reducing parking issues thus reducing carbon dioxide emissions.
  • Smart dustbins with censors which can send signals to a central command center as to when they need to be emptied
  • Water pipelines installed with SCADA and leak detection techniques to measure the water's quality and flow besides checking leakages. 
  • Bus transit systems and metro stations deployed with passenger information systems to inform about the timing and arrival of the public transport in real time 

Despite these smart technologies, there's a lack of security. In the beginning, chips and sensors were too small for most cities to worry about, but now they're found everywhere. When you consider how a cyber-attack can create a major issue, the looming bigger issues should “worry” citizens. Now take a moment to think about this on a larger scale; some issues which have already been encountered include:

  • Traffic engineers in Los Angeles were accused of tampering with the traffic control systems at four main intersections in 2006 resulting in several days of gridlock
  • Traffic lights at about 100 different intersections were hacked by researchers at the University of Michigan in 2014
  • Dallas' official warning system was hacked in April 2017 causing 156 emergency sirens in the city to blast off in the middle of the night

Why smart cities should concern us
Clearly, attacks on smart cities aren't anything new. Unfortunately, cities aren't being proactive in protecting themselves. So while smart cities sound great, there are some important considerations that must be made about their security.

Fixing such concerns must begin with looking at what issues smart cities are currently facing. Firstly, there is a lack of proper security testing, as this isn't usually a business goal for vendors or the city itself. However, this is a major issue because these products are providing city-wide services and for this reason, functionality tests aren't the only thing necessary.

Many firms that sell these systems are not building effective security measures like encryption. Besides, cities need to create Computer Emergency Response Teams (CERT) and security teams to properly test and secure these technologies. This will ensure that patches and system updates are adequately deployed. These teams can also be proactive in implementing strong authentication and encryption protocols too.

However the complexity of the technology is no reason to avoid it. Instead, the government and vendors need to share this responsibility. Unfortunately, this is something that both have shirked until recently, which is why the current ecosystem is so insecure. However, one needs to understand that updating technology creating innovations are not difficult because of the complicated layers that are involved in a Smart City's infrastructure.

At the same time, creating stringent regulation would help. While the global initiative for Securing Smart Cities has put forth guidelines for Smart Cities, a regulatory body needs to be created. This would ensure that only well-secured cities w able to invest in this technology.

So far, there hasn't been a concentrated effort to create any regulatory body to create regulations surrounding smart city technology because it's still quite new. 

Going forward, vendors and government need to work together in SAST (Static Application Security Testing) and afterwards, cities that adopt this technology must continue testing the parts to make sure that they interact with each other securely. This will help detect any vulnerabilities before any harm is done.

What’s hot on Infosecurity Magazine?