smart city

Survey: Attacks on smart city IT all but inevitable

There are plenty of people trumpeting the benefits of the Internet of Things as more cities begin to invest significantly in smart city technology: it will give governments more data to make better decisions, it will make life easier for citizens. But there is inevitably one question brought up during any conversation of IoT: How will the security work?

A new survey from Tripwire of 200 IT professionals shows that those in the industry think an attack on smart city infrastructure is inevitable. The survey found that 78 percent of respondents think such an attack will either definitely or probably happen in 2016; 88 percent of the industry insiders said these attacks would pose a threat to public safety.

“While smart cities offer great efficiencies for their citizens, the same internet connectivity that enables these efficiencies can be used to deliver physical damage to infrastructure and also cause loss of life if accessed by malicious actors,” Rekha Shenoy, vice president and general manager of industrial cyber security for Belden, Tripwire’s parent company, said.

Robert Silvers, the assistant secretary for cyber policy at the U.S. Department of Homeland Security, announced this week that DHS is planning to release a set of principles for protecting IoT technology, according to Threat Post. It will also be a topic of conversation at the National Governors Association summit next month.

People tend to point out that the IoT gives attackers more potential access points to a city’s network, possibly making attacks easier. Tim Erlin, director of IT security and risk strategy for Tripwire, echoed that concern when announcing the survey findings.

“Protecting public infrastructure from cyber and physical attacks is a key consideration in the evolution of smart city technologies,” Erlin said. “We need to build smart cities with cyber security in mind, not add it as an afterthought.”

About the Author

Matt Leonard is a reporter/producer at GCN.

Before joining GCN, Leonard worked as a local reporter for The Smithfield Times in southeastern Virginia. In his time there he wrote about town council meetings, local crime and what to do if a beaver dam floods your back yard. Over the last few years, he has spent time at The Commonwealth Times, The Denver Post and WTVR-CBS 6. He is a graduate of Virginia Commonwealth University, where he received the faculty award for print and online journalism.

Leonard can be contacted at or follow him on Twitter @Matt_Lnrd.

Click here for previous articles by Leonard.

inside gcn

  • security in the cloud (ShutterStock image)

    Cloud security is the agency’s responsibility

Reader Comments

Fri, Sep 23, 2016 Dr. Kennedy

The major issue is that technology is deployed for use and sale before its risks can be properly assessed. Government should evaluate and establish tolerable risk levels based on public safety and security not economic growth. Just wait for smart cars, smart grid and etc. The law of "unintended consequences" could very well have more risks than benefits.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group