Watch out: Smart city defenses are not up to snuff
- By Mark Pomerleau
- Apr 28, 2015
As technology becomes easier to leverage and greater connectivity allows for greater efficiency, more cities across the world are opting for “smarter” options. A new report, however, warns that such smarts come with increased risks of significant cyber attacks.
A smart city, as defined by Cesar Cerrudo, chief technology officer at cybersecurity consultancy firm IOActive Labs, is one that “uses technology to automate and improve city services, making citizens’ lives better.” Yet that very connectivity allows hackers to disrupt technological services and steal data. Cerrudo's policy paper identifies the key components of smart city infrastructure and offers recommendations to keep them safe.
The infrastructure at risk runs the gamut: traffic control systems, smart street lighting, city management systems, sensors, public data, mobile applications, cloud and software-as-a-service solutions, smart grids, public transportation, cameras, social media and location-based services, among others. Cerrudo warns that there is not an established threat model to defend the “huge and unknown attack surface on smarter cities.” And given the complexity and interdependency of connected systems, Cerrudo warns, it is difficult for cities to know exactly what is exposed to hackers.
What is clear is that much of the aforementioned infrastructure is hackable. Systems used for traffic control, for example do not use any encryption or authentication, making them susceptible to breaches in which hackers could fake data and disrupt the timing of traffic signals. Similarly, many cities are employing street lights with wireless communication. These connections are not protected, and their manipulation could cause widespread blackouts. More disastrous blackouts can occur if electric grids are compromised by manipulating smart meters, which Cerrudo explains could be performed by exploiting encryption problems in power-line communication technologies.
Hackers that managed to gain access to city management systems, meanwhile, would be presented with myriad options to cause harm. For example, Cerrudo suggests that work orders and mapping data could be manipulated, causing construction work to be done in the wrong area and damaging critical facilities. Such a scenario is not far fetched. In 2010, confusion over the location a gas line in Texas led to a fatal explosion, caused by utility workers accidently who accidently punctured the pipeline while drilling holes for .
Attacks on surveillance cameras can blind cities as well. Closed-circuit cameras provide city law enforcement officials with invaluable capabilities that Cerrudo describes as the “eyes of the city.” Such cameras were essential in the identification of the individuals responsible for the deadly Boston Marathon bombing in April 2013, for example. These cameras are easy to hack, however, and Cerrudo asserts that it is not always possible to remotely restart them once breached. To make matters worse, most cities employ the same cameras and models, allowing for easy attack replication. Cities can similarly be blinded if location-based services and GPS technology are attacked.
Cerrudo offered a short list of suggestions for cities to better plan for attacks and bolster defenses:
- Create a simple checklist-type cybersecurity review. Check for proper encryption, authentication and authorization and make sure the systems can be easily updated.
- Ask all vendors to provide all security documentation. Make sure service-level agreements include on-time patching of vulnerabilities and 24/7 response in case of incidents.
- Fix security issues as soon as they are discovered. A city can continuously be under attack if issues are not fixed as soon as possible.
- Create specific city computer emergency response teams that can deal with cyber security incidents, vulnerability reporting and patching, coordination and information sharing.
- Implement and make known to city workers secondary services and procedures in case of cyber attacks, and define formal communication channels.
- Implement fail-safe and manual overrides on all system services. Do not depend solely on the smart technology.
- Restrict access in some way to public data. Request registration and approval for using it, and track and monitor access and usage.
- Regularly run penetration tests on all city systems and networks.
- Prepare for the worst and create a threat model for everything.
Mark Pomerleau is a former editorial fellow with GCN and Defense Systems.