Cybersecurity of Smart Cities

Successful Smart City Initiatives Require Device Components That Don’t Pose A Cybersecurity Threat

Many cities and municipalities around the world are adopting smart technologies to improve public services and residents’ quality of life and to evolve into a safer, more efficient community. Known as Smart Cities, these metropolitan areas use various technologies to intelligently operate and control services such as street lighting, public parking, traffic signals, transportation systems, and surveillance systems.

For example, the city of Pittsburgh, Pennsylvania, implemented a system of smart traffic lights that adapt to changing traffic patterns and reduce travel times. Called Surtrac, the system was installed in 50 intersections across the city. Pittsburgh identified seven key traffic corridors where installation of Surtrac would significantly improve mobility and safety. The results are quite positive. The system reduced aggregate waiting time at intersections by 40 percent, which helped decrease vehicle emissions by 21 percent, thus leading to less driver frustration and cleaner air.

Surtrac is only one of many thousands of Smart City initiatives around the world. Other projects aim to solve urban issues such as aging infrastructure, limited resources, and increased urban density; reduce transit travel time, emergency vehicle response time, and traffic crashes; develop streets and traffic signals designed to accommodate autonomous vehicles; and much more. Technology innovation is at the heart of the possibilities of Smart City initiatives.

Smart City projects require an extensive set of information technologies and platforms—everything from smart meters and networks of sensors to informatics, cloud storage, 4G/5G communications, Big Data, and the Internet of Things. A key aspect of the control devices of a Smart City – known as the Internet of Things, or IoT – is the ability to gather data from a network of sensors in order to analyze and make use of the data through automated systems; for example, to know how many vehicles are queuing at a stoplight in order to change the signal to accommodate more traffic in an intelligent way.

Cyber Attackers See Opportunity in Smart Cities

The vast amount of data traversing the IoT and the wireless communication networks is a tempting target for cyber attackers. The connectivity intended to enable data collection and activity automation is also the source of concern about hacks into the systems. Smart City engineers and operators must ask themselves, who can access the data gathered by the many surveillance cameras around the city? Can someone hack the smart elevators in office buildings and hold passengers hostage, or worse, instigate an uncontrolled decent of the elevator car? How can we make sure the city’s traffic signals don’t get hacked, creating accidents all over town? Can ransomware be used to lock our critical files and cripple our systems?

Their concerns aren’t hypothetical. Serious security breaches have happened in real-life Smart City scenarios:

• Attackers used ransomware to disable municipal systems in Atlanta in 2018. The hackers demanded a $51,000 ransom and caused outages across various important city systems.
• In Dallas in 2017, attackers activated more than 150 emergency sirens close to midnight and lasting until 1:20 AM, causing panic among citizens and thousands of calls to emergency services.
• Air traffic control systems at several airports in Sweden were attacked, resulting in the cancelation of numerous flights affecting thousands of passenger.

And that’s just the tip of the iceberg. According to the Securing Smart Cities initiative, there’s a wide range of cybersecurity problems that can affect various control systems, such as:

• Susceptibility to denial of service,
• Lack of computer emergency response teams,
• Data encryption issues with many of the technologies,
• Patch deployment issues, and
• Poor or nonexistent device security.

Cybersecurity Must Be Top Of Mind

Cybersecurity concerns should be top of mind for the various device manufacturers. After all, the manufacturers should be building the requisite cybersecurity defenses into their devices to ensure they ship without vulnerabilities, to make them resistant to attack, to facilitate critical updates, and to ensure the devices can be actively monitored for signs of software failures and other serious conditions.

A common way to deal with security issues is to establish a Security Operations Center (SOC)—a control center where systems and devices are closely monitored by both people and technology. SOCs are common practice in the business world of information technology, but they are just now taking off as a means to closely watch over the operational technology utilized in industrial systems and Smart Cities.

To truly benefit from a SOC, the control center operators must be able to collect security metrics from every device on the network through a SIEM – a security information and event management system. The SIEM helps to correlate data from numerous sources and across lengths of time to determine if a security event is serious enough to raise an alert for a person to follow up on. For example, numerous failed login attempts to a specific device might indicate a brute force login attack is being waged against that device. A security analyst can investigate and, if necessary, put mitigating controls in place to prevent a successful attack.

One of the challenges of this approach is that – using current technologies – it’s very difficult to monitor and protect many of the devices that comprise a Smart City project. The unfortunate truth is that some devices don’t have the inherent capabilities to protect themselves from malicious intrusion, to report their security status to a SIEM/SOC, or to be remotely updated or patched to resolve vulnerabilities. In other words, such devices aren’t as “SOC-ready” as customers need them to be. Without SOC-readiness, the operator can’t take ownership of the device security.

To make that happen, municipalities need the help of device manufacturers—to integrate tools into their products which will enable the SOC to deal with threats in a quick manner, resulting in a healthier device that operates free of malware and security vulnerabilities. This will reduce downtime for the device and thus the cost to service the device and contribute to a more successful Smart City initiative.

In light of the growing demand for devices that enable Smart Cities, more device manufacturers are integrating into their products the tools that will make them SOC-ready and to make it possible for municipalities to monitor their equipment using a SOC and to effectively react to cyberattacks in a timely and cost-effective manner. Security professionals and analysts say we can expect such tools to become a standard protocol; for new devices in the near future.