SDigital innovation is shaping our future.
Its impact on our everyday lives can no longer be ignored. We carry it around in our pockets, rely on it for medical care, and even share our beds with it. And as of late, the same technology we use in our offices and homes has started growing into more massive ecosystems.
Tech giants are building smart cities as a way to improve the quality of life, meet the demands of modern-day urban dwellers, and maintain the economic, social, and environmental sustainability. All city services, as well as city governance, are being digitized and connected.
But here’s why this is bad news regarding security.
Table of Contents
Cities Powered by the Internet of Things
A centrally managed network of internet-enabled smart devices is called the Internet of Things (IoT). It’s a precursor for interconnectivity, but also a potential security hazard. If technology provides building blocks for smart cities, the IoT holds these pieces together.
In February, the University of Glasgow counted 27 smart cities in the world. The introduction of 5G networks will only increase their use of IoT networks. They already include everything from smart street lamps to air quality monitoring and automated traffic control sensors.
Better Quality of Life and Other Benefits
IoT-enabled smart cities will be able to ensure better services and greater efficiencies to their citizens, studies show. Improved administration, better crisis response time, and enhanced time management are only a few benefits of cities enhanced with technology.
In this scenario, citizens could count not only on high-quality healthcare, law enforcement, education, employee management, and administrative services but also on reduced congestion in both the public sector and private institutions. However, that’s not all.
By 2050, the urban population will rise by 72%.
This means that smarter city infrastructures are not only the next logical step in global technological evolution; they are also a necessity. To cater to this ever-growing demand, cities will need the IoT for improved supply chains and reliable resource management systems.
The Dangers of Unencrypted Connectivity
In time, smart cities will develop into self-sustaining ecosystems. But before that happens, the system architectures must find ways of making their infrastructures more resilient. As for now, smart cities are vulnerable to all kinds of cyber attacks due to two key issues:
- A lack of security culture.
- Insufficient cyber education.
The problem with IoT security is that a network of smart devices is only as protected as its weakest link. Every time we add a new device, we open a new potential entry point for a network attack. Unknown and unsecured devices are hard to manage at a city scale.
Potential threats to anyone living in a smart city include not only signal jamming and remote execution but also data manipulation, DDoS attacks, and malware. Just like smart homes make people exposed to intruders, smart cities are putting citizens’ privacy and security at risk.
But greater disruptions are possible as well. While an attack on a home network may lead to stolen data, a cyber attack on a city network via key infrastructure providers could end up in citywide traffic control outages, blackouts, or worse. The challenge is daunting.
“Security by Design” May Be the Solution
But despite the current lack of resilience, smart cities are still too good of a concept to be discarded as undefendable and unfeasible. Besides, new developments in the cybersecurity industry guarantee that AI will eventually help us detect and prevent cyber attacks.
Here’s what else smart cities need to stay safe:
- Complete and thorough knowledge of all connected devices.
- Secure access to problematic devices through best VPN solutions.
- Analytics to better understand how some IoT devices behave.
- Centralized policy management and single-pane monitoring.
Some security experts are suggesting that “security by design” provides a much easier and more effective approach to managing IoT-enabled smart cities. Instead of building an entire infrastructure around security, it’s simpler to create more secure devices.
In this approach, security testing would be a mandatory part of the development cycle. Cities, on the other hand, would be responsible for encrypting communication channels between devices and establishing Municipal Computer Emergency Teams (MCERT).
MCERTs would monitor and patch security throughout the city network. Besides, they would be tasked with vulnerability management and ensuring a rapid incident response. They would also supervise local IoT manufacturers to make sure they are building devices by the code.
Smart Cities Must Rely on Collaboration
The first Code of Practice for IoT security was published by the National Cyber Security Centre and the Department of Culture, Media, and Sport, backed by the European Parliament and certified by the EU Agency for Network Information Security.
It’s a huge milestone for the collaboration between governments and industry. Also, it’s a step forward in keeping smart cities protected with joint forces. Now it’s citizens’ turn to take the initiative and start learning about the IoT and practicing cybersecurity.