How Easy Will it be to Breach Smart City Data?

Today, Europe is the global leader in smart city projects in terms of number and depth of integration, according to the Smart City Tracker 1Q2017. The study was conducted by Navigant Research and they analysed the state of global smart city development by region in terms of smart energy, water, buildings, and mobility.

With over 70 percent of Europe’s population living in urban areas, European cities have been rolling out smart technology systems to: improve public services; address longstanding issues and; raise the quality of life for its citizens. On the other side of the Atlantic, the US is following suit. Last 2015, the federal government spent nearly $8.8 billion on IoT infrastructure, software, and cybersecurity – all in a bid to develop safer and smarter cities.

Before we delve into the risks, however, we must first understand how the IoT affects smart city developments.

The potential of smart cities

Fundamentally, the common vision for cities looking to achieve “smarter” status is to utilise IoT devices to manage resources efficiently and improve public services, utilities, and infrastructure. For instance, smart self-healing grid systems are used to quickly identify and address power outages. Smart grids serve as the backbone for other smart projects like smart traffic lights, energy efficient buildings, and citywide electronic vehicle charging stations.

Some of these applications are present in London, where traffic lights are equipped with sensors that detect and prioritise bicycles, buses, and ambulances. In addition, the city’s IoT network is helping drivers through smart parking. Using sensors that detect vacant spots, an app shows drivers a real-time map of parking spaces to cut the driver’s search time short. This goes on top of lessening the city’s congestion and carbon emissions, which is another high priority.

Meanwhile, Barcelona utilises its fibre infrastructure to create what Harvard Kennedy School describes as a “network of networks”. Public transit systems are connected to digital bus stops, which provide commuters with updates on bus locations as well as USB charging stations. The city also has smart street lights, which conserve energy by dimming when embedded sensors do not detect pedestrians passing by. Furthermore, the local water supply is managed through devices that measure rainfall and adjust park irrigation.

In America, the IoT is contributing significantly to serious issues such as road safety. Fleetmatics shed light on the ELD Mandate imposed by the FMCSA(The Federal Motor Carrier Safety Administration), which requires business fleet owners and drivers to use electronic logging devices (ELDs). The tech is designed primarily to monitor commercial drivers and ensure that they do not exceed the maximum hours of service. The system, which automatically updates management’s fleet data and notifies drivers about their trips, aims to minimise cases of driver fatigue and lessen risks of road accidents. The devices also monitor vehicle status as a means of preventive maintenance.

Another form of smart technology helping motorists is the Car eWallet, which is designed to help drivers facilitate payment transactions like parking, tolls, electronic vehicle recharges, and car-sharing fees.

A caveat on cybersecurity

Unfortunately, both the interconnectivity and sheer amount of data generated in IoT systems present a number of security risks for both management teams and city residents. Advancing hardware and software means they can be used for malicious purposes on the same degree as their capacity to improve cities.

The pervasive quality of IoT technology, which allows it to provide public services, is also a vulnerability from which a multitude of security breaches can arise. Forbes explains that the wealth of real-time data makes IoT networks highly valuable, with any of its connected devices being potential entry points for attackers.

The world’s estimated 2.3 billion connected things have been described as a security nightmare. Security breaches in IoT networks are becoming more common, although eluding mainstream media and conversation thus far.

For example, hackers in Dallas, Texas disrupted sleeping residents by activating all 156 of the city’s emergency hurricane sirens over a dozen times last April. Hackers in Illinois used simple computer bugs to destroy a water utility control system back in 2011, depriving over 2,200 citizens of sufficient potable water.

In Russia, the cybersecurity firm Kaspersky Lab conducted an experiment and successfully took control of traffic sensors. The BBC revealed that it was done by studying how to tweak the sensors through their user manual which is available online. Albeit done in a controlled environment and not an actual attack, it shows how easy it is to procure resources that could point to a vulnerability in the system.

However, smart thermostats, children’s dolls, baby monitors, and televisions have been reportedly hacked in the past via an algorithm that works similarly like a Wi-Fi WPA/WEP breaker. It’s only a matter of time before public systems become targets. Needless to say, the problem will only get worse without the establishment and implementation of more advanced cyber security standards.

As smart cities proliferate and local governments look into improving city life through the IoT, the stakes for protecting hardware, software, and data banks become larger. Robust testing and security measures for IoT need to be developed, as the welfare of citizens can no longer afford to take a back seat.

Exclusively written by SolutionsByJB

 SolutionsByJB is a network administrator and IT consultant with over 8 years of experience. She’s currently working with friends to establish a startup. Their goal is to provide VR resources for training non-IT personnel with regards to basic computer troubleshooting.

More blogs

Person working on laptop and looking at online secure file sharing
Blog

Safe Storage: Part 3

Being able to share information securely is a critical function for many organizations, especially those working on projects with external partners

Read more »