Visions of gleaming, automated high-tech cities have long been a staple of science fiction. As the technological reality finally begins to catch up with this dream, governments and leading tech firms are investing billions to make the connected smart city a reality.
The global smart cites market has been predicted to grow by 21 per cent through to 2027 as more governments focus on sustainable urban development. The tech sector has been keen to meet this growing demand, with many organisations placing a heavy emphasis on developing smart city technology.
One of the most remarkable examples of this commitment is Toyota’s recently announced Woven City, an experimental “living laboratory” to be built at the base of Mount Fuji. The planned smart city will be home to 2,000 company employees and will enable Toyota to trial connected technology such as robotics, AI, driverless technology and autonomous traffic management.
An ever-growing number of traditional cities are also incorporating connected elements into key amenities, and Frost and Sullivan has predicted that there will be at least 26 fully fledged major smart cities around the world by 2025.
These connected urban landscapes aim to offer a higher quality of life for residents through more efficient, affordable and accessible amenities. Automating elements such as transport and waste management will make it easier for city planners to scale services as populations swell, as well as providing invaluable data for making informed strategic decisions.
However, the benefits created by the smart city are tempered by the introduction of new risks. Unless the infrastructure is sufficiently secured, connected cities will be extremely vulnerable to cyberattacks that could have severe consequences for their residents.
How can smart cities be exploited?
The scale and importance of smart cities means that they are both tempting targets for cyber-threat actors and challenging to secure effectively.
Public sector organisations and amenity providers already face a heavy threat from attackers using disruptive techniques such as ransomware and DDoS. Criminals know that knocking out essential services will have widespread ramifications for thousands or even millions of individuals, placing the organisation under intense pressure to restore functionality.
This susceptibility to disruption means that city infrastructure is a viable target for both opportunist criminals angling for ransom pay outs, and other threat actors looking to maximise the visibility and impact of an attack.
In one particularly severe case of the former, the City of Atlanta, Georgia, was hit by a concerted ransomware campaign that took out key services including parking, court and utility services. The City was issued with a ransomware demand of $52,000, but eventually spent more than $2m in restoring its systems.
The Atlanta case demonstrates just how vulnerable civic infrastructure is, even at the current level of connectivity. The potential impact of a major strike will only increase as cities become more automated and interconnected. An attack on the operational technology (OT) that monitors and manages critical processes could have huge consequences for smarty city citizens.
For example, hitting connected utilities could result in a widespread blackout, crippling businesses and leaving residents without access to lighting, heating, and cooking facilities, potentially for an extended period. An automated traffic system could be disrupted to cause a citywide jam or even to engineer accidents, and the sensors used in an automated refuse collection system could be tampered with to cause rubbish to start piling up in the streets.
Infiltrating the connected network
The sheer scale and complexity of a fully-fledged smart city means that it presents criminals with an unparalleled attack surface. The average smart city will feature millions of endpoints such as sensors, with each one representing a potential point of entry for an attacker. The scope and intricacy of such an arrangement also presents an intruder with more chances to hide their tracks and makes it harder for security teams to detect unusual behaviour. This is made even more challenging when a smart city combines new connected solutions with existing legacy technology.
This risk is exacerbated by the fact that both individual connected devices and the operating systems behind them are often poorly secured. It’s all too common to find cybersecurity was an afterthought for many connected devices as manufacturers rushed to meet market demand. For example, millions of IoT devices are still connected to IPnet, despite the fact that it is severely outdated and hasn’t been supported since 2006.
Another challenge is presented by the interconnectivity between smart city infrastructure and the traditional IT networks of the public and private sector firms tasked with managing them. This risk runs both ways. Attackers could use poorly secured IoT and OT systems as a jumping off point to infiltrate IT networks and execute attacks targeting the organisation’s personal data and intellectual property. Conversely, unless the two networks are properly segregated, a threat actor could also compromise a poorly secured IT network through techniques such as phishing and then bypass the security on essential OT systems.
While this risk is an issue whenever connected devices are deployed, the scope of a connected city makes the challenge far more daunting. The involvement of the public sector in managing city infrastructure is also a factor as public sector IT systems are already under continuous attack. A freedom of information request found that UK councils were hit with 800 attacks every hour last year, for example.
Mitigating the risks
Effectively securing an entire city’s worth of interconnected technology is an intimidating prospect, but it can be achieved with the right strategy and resources. Crucially, connected cities must be planned with a security-first approach. City planning should include a heavy focus on the potential risk and impact of a security incident, and every piece of technology introduced to the network must undergo proper vetting to ensure it is sufficiently secure. Brand-new, purpose-made locations such as Toyota’s Woven City will be able to start from the ground up, while existing cities must ensure that current legacy technology will not present additional risks.
Ensuring the security of individual components is only half the battle, and security teams must also have full visibility of the smart city network as a whole. Security personnel should be able to access data on every component of the network, including the model of different devices, the IP addresses being used and patching schedules. They must also be able to identify potential vulnerabilities and deal with them in advance, for example ensuring that newly discovered zero-day exploits or attack methods are dealt with. For most IoT and OT environments, effective risk assessment and mitigation requires specialised solutions that can work with the unique communication protocols used in production networks.
Finally, just as with a traditional IT environment, effective security also relies on the ability to spot unusual activity on the network. Given the size of the smart city infrastructure, continuous, automated monitoring will be essential for detecting signs of potential malicious behaviour, coupled with contextualised alerts that will allow the security team to prioritise their responses.
Combining a security-first approach to city planning with the right technology will enable security personnel to manage and respond to threats both at scale and in granular detail. With these assets in hand, it will be possible to secure smart cities no matter how large and complex they grow in the future.
Galina Antova, co-founder and chief business development officer, Claroty