Macro Systems Blog
Utilizing Smart City is a Risky Move Right Now
So far, the majority of our experience with the Internet of Things has been on a small scale: accessories and appliances that connect to the Internet to gain some additional functionality. This technology can also be applied to a larger, more civic purpose, including the development of a “smart city.” Sadly, this application could prove to be as troublesome as the IoT we are more used to.
Smart City's Purpose
In principle, a smart city seems like a good idea. Utilizing technology and heavily relying on IoT principles, a smart city gathers data and leverages it to upgrade public services, inform the local government’s actions, and generally improve the population’s contentedness. Traffic flows more smoothly, infrastructure is better maintained, etc.
That's how a Smart City should operate, in theory..
There is an poor tendency for consumer-focused IoT devices to be susceptible to attack, a trait shared by the systems that control a smart city.
The Consequences of an Attack
To completely comprehend the influence that an attack on a smart city could have, it would help to take a closer look at some of the systems that a smart city would have in place. As noted, the motivation behind a smart city is to upgrade the population’s quality of life, a goal that requires data collection and analysis to be reached.
This data will be collected via sensors that examine a vast variety of factors such as the weather, traffic conditions, and even air quality and radiation. While this data would once be delivered to human decision makers, automated systems would be able to make changes to resolve any issues. For example: if traffic was starting to become crowded in a certain area, the surrounding traffic signals could be automatically manipulated to relieve the gridlock.
The problems starts when these systems don’t have enough security to keep them secure from cyberattacks, potentially leaving the city’s infrastructure wide open. In a preliminary study of three companies that could supply the systems that a smart city would be built upon, their products had 17 basic vulnerabilities; we’re talking very basic vulnerabilities, such as easily-guessed passwords, avoidable authentication requirements, and bugs that could open the door for malware.
Why This is Critical
In a geopolitical sense, constructing a smart city with vulnerabilities like these is like putting a target on one’s back. You only have to look at the fairly recent cyberattacks on both the energy grid and electoral systems of the United States for evidence that infrastructure and civic systems are considered very fair targets. While there are actions in process to shore up these weaknesses, opening up metropolitan areas to attack through obvious security flaws would not be a good idea.
That's not to say that scaling the IoT to a metropolitan scale is inherently not a good idea; it’s just there needs to be more security protecting the well-being of the populace that lives there. The same can be said of any organization that relies on Internet-connected technology. If the devices and network components that a business uses aren’t patched and secured, that business is vulnerable.
Macro Systems can help. Give us a call at 703-359-9211 to learn about our security solutions and how they can protect your business.