Smart city is a futuristic concept with almost everything automated. By automating the mundane tasks you can have humans concentrate on creative tasks. Also automation will eliminate human errors. Centralised systems would help in controlling the operations at any part of the city from one place. For example, you get a notification when there’s fire at your garage and extinguishing it is just one click away. But with all the cool things associated with the idea, comes it’s fair share of security risks. IoT has given birth to a super connected technological landscape. In this scenario, a smart city is as secure as its weakest link. Because hacking into the weakest node of the network can pave the way to access even the most secure devices. Would Smart Cities come with the power of fighting these threats or this concept will vanish as a mere fiction? Let’s find out.
Cybersecurity – A Pressing Issue
Cyberattacks on the critical IT infrastructure have brought industrial control systems (ICS) to a grinding halt. Abuse of low-power wide area networks (LPWAN), device communication hijacking, system lockdowns by ransomware, manipulation of sensor data and siphoning of personally identifiable information (PII) are some of the factors that question the scope of smart cities. You have to be cautious and for good reason. The hackers of today are even capable of sneaking through the robust security systems of Sony, the Marriott and HBO. In 2011, Sony’s PlayStation Network was attacked exposing the personal data of 77 million users. The company paid millions of dollars in compensation including the refund to people whose bank accounts were abused. HBO lost 1.5 terabytes of data and in 2018, the Marriott’s reservation system was compromised. Apparently, the security of all the information that you give out is at stake.
The Cyberattacks of today
A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources. Permanent denial- of-service attacks (PDoS), also known as phlashing PDoS is an attack that damages a system so badly that it requires replacement or reinstallation of hardware. Smart Cities are going to include a myriad of expensive hardware. A PDoS threat can be a disaster in such a scenario.
Phishing emails are mainstream these days. Phishing emails have a legitimate outlook enough to make the recipient trust that it was sent from a reputed company. These emails generally request for sensitive information. The victims end up giving up the data trusting that their information is in safe hands. Hackers use this information to hijack and get control over the user’s devices. This unauthorized access will not be detected for a long period of time. This type of cybercrime is called Advanced Persistent Threats (APT). Phishing and APT have to be taken seriously when it comes to smart cities powered by IoT. It is easy to gain access to the weak touchpoints of a network through phishing. Once they get to control the weak points, they can quickly hack the centralized databases. Data generated by unprotected smart city infrastructure can be exploited for identity theft and fraudulent transactions.
Tips to fight cyber attacks
1. Cyber Resilience
Cyberresilience has to be practiced. It is the practice of being preventive besides being able respond to attacks. Cyberresilience also helps you quickly adapt the systems to survive the attack.
2. Ethical hacking
Ethical hacking (a.k.a penetration testing, intrusion testing, or red teaming) can be used to locate vulnerabilities by duplicating the actions of malicious hackers. White hat hackers use their skills to improve security by exposing vulnerabilities before malicious hackers (black hat hackers) exploit them.
3. Foresight intelligence
Foresight intelligence can predict the threats that are likely to happen by analyzing emerging technologies. These insights can be useful to build cyber defence systems.
4. Cyber agility
Cyber agility can boost the scope of foresight intelligence as it is used for not about patching a security hole, but understanding what happens over time. Sometimes when you are defending against one vulnerability, you expose yourself to 10 others. Cyber agility can help in this scenario as well because it guarantees the recovery of critical digital systems from multiple cyber disasters.
Modern cyberattacks systems are automated. Defending against them manually is just not practical. So incorporating automation into your cybersecurity efforts is necessary. Also, you have to pay attention to the speed. Once a threat is detected, the protection needs to be distributed faster than an attack can spread.
Wrapping it up,
With all this said, people should become more aware of the threats and keep their data safe. Though companies and governments try their best to avoid attacks, you should be ready for the worst case scenario. Local Backup such as hard drives, tapes, and USB flash drives can be used to restore in case of any data loss. However, Cloud backups are a safe bet as they bring along the benefits of enterprise-level cyber security solutions. They require little to no maintenance. Let’s gear up for a better future together. After all, the change you wish to see should start with you.