Nowadays, so many different aspects of everyday life require an Internet connection to function (or make convenient as humanly possible). As we all know, this has played an astronomical part in the technological evolution of our cities in an effort to make them “smarter.” Traffic lights, public transport, power plants, and water supplies are all facets of cities that require an Internet connection.
The risk that comes with this degree of reliance to wireless connectivity is evident, with the consequences being very well-documented. Two months ago in India, for example, a hacker used a mobile phone to display pornography clips on a display board ay Rajiv Chowk metro station. On Christmas in 2015, Ukraine endured massive power cuts after a series of cyberattacks targeted three local energy companies. Incidents even date as far back as 2008 when a 14-year old student in Poland used a modified TV remote to hack into a tram system. The hacker managed to derail four trams, injuring 12 people.
Instances of incidents like the ones mentioned above raise the question of how safe smart cities are, and whether they’re truly prepared to withstand a cyberattack with widespread effects.
The concern of how today’s smart cities can endure modern cyberattacks warrants a case study on the diverse and intricate nature of these breaches and the particular vulnerabilities smart cities have that hackers look to exploit. Since technology is making crime a lot more digital, we’ve reached a point where thieves can drain an ATM of its entire money stash. All they need is a laptop and some wiring to connect with the machine’s system. This is yet another example of how Internet-connected systems and devices are exposing city infrastructure and services to a new wave of cyber threats that can be waged by lone wolf hackers, international criminals, and terroristic organizations.
According to Cyber Security Ventures, global annual cybercrime costs are projected to reach $6 trillion by 2021. This includes destruction and theft of data, stolen funds, lost productivity, theft of intellectual property, fraud, and damaged infrastructure data. One of the most well-documented cyberattack cases is the DDoS attack on DNS service supplier Dyn that occurred last October. The organization’s IoT devices were hijacked, which temporarily shut down popular websites like Amazon and Netflix. The ransomware attack affected over 120 countries including India, whose exposed modern vulnerabilities determined how high the stakes truly were becoming for cybersecurity.
Hackers are capable of tampering with traffic control systems, smart street lighting, city management systems, public transportation, cameras, smart grids, wireless sensors, along with mobile or cloud networks. Between these various points of entry and modern tactics at a hacker’s disposal, it’s very possible cybercriminals can launch something along the lines of a ransomware attack on a power grid and demand a substantial ransom in return.
Governments throughout the world are investing in cyber defenses to avoid such widespread catastrophes. The Australian government recently launched its “Next Generation” Technologies Fund to incubate “creative solutions” for protecting the nation from cyberthreats, which cost about $730 million. The Indian government has also invested in future technology as their cities continue to modernize and start going online.
It’s essential for a city to ensure its infrastructure is safeguarded against potential cyberattacks. Cities need adequate cybersecurity leadership to assess vulnerabilities and plan proper incident response protocols. While most cities and governments are headed in the right direction, the number of ways and outlets to wage a cyberattack are still too great to take for granted. While nothing can guarantee an unprecedented attack from happening, the biggest challenge for entities fighting on this front is to keep themselves a few steps ahead of their cybercriminal adversaries. Although this has become an increasingly daunting task, enough awareness is being raised on the ramifications of these scenarios to identify and act on these incidents.
Filed Under: Cybersecurity, M2M (machine to machine)