Smart cities vulnerable to IoT-based cyber attacks
Connecting state and local government leaders
As cities install internet-of-things networks to enable smart city development, they are making insufficient investment in digital security, a new research report says.
As cities race to install internet-of-things networks to enable smart city development, they are making insufficient investment in digital security, according to global tech market advisory firm ABI Research.
Over half of the $135 billion projected to be spent protecting critical infrastructure from cyber attacks in 2024 will go to the financial, IT and defense sectors. The rest will be split among energy, health care, public security, transportation and water and waste sectors, "leaving them woefully underfunded and incredibly vulnerable to cyberattacks," ABI Research officials said.
Because smart cities depend on complex, interdependent networks of devices, systems and users, security efforts must address vulnerabilities across a broad swath of industries including energy and utilities, transit, manufacturing, e-government, telemedicine, surveillance and public safety. Threats include crippling industrial control systems, hacking communication devices, holding systems for ransom, manipulating sensor data and stealing personally identifiable information, according to Dimitrios Pavlakis, industry analyst at ABI Research. “In this increasingly connected technological landscape, every smart city service is as secure as its weakest link.”
According to ABI Research there will be approximately 1.3 billion WAN-based smart city connections by 2024, almost half of which are expected to be low-power wide-area networks. These LPWA cellular networks can lower bandwidth cost and latency as they increase coverage, by they are generally not capable of handling the increased number of cyber threats in the interconnected smart city environment.
“Lack of cryptographic measures, poor encryption key management, non-existent secure device onboarding services, weaponized machine learning technologies by cyber-attackers, poor understanding of social engineering, and lack of protection versus Distributed Denial of Service (DDoS) attacks are just are some of the key issues contributing to the amplification of cyber-threats in smart city ecosystems," Pavlakis said. "This is further exacerbated by the lack of digital security investments and will, unfortunately, jeopardize the key elements of intelligence, efficiency, and sustainability of future smart city deployments.”
NEXT STORY: When zero trust really means variable trust