Cyber-Crime is a Reality in Smart Cities: How Can We Protect Connected Transportation?


VP Innovation

Smart cities need smart security. A connected system of power grids, transportation, IoT devices, automated buildings and cloud-systems means that an attacker only needs to breach one entry point in order to put an entire city at risk. A single vulnerability could allow attackers to make lateral moves across an entire network.

These threats are already a reality for many developing smart cities around the globe. Last year, the city of Dallas had their warning systems attacked, allowing 156 of their sirens to go off at once, causing enough fear and confusion to overload emergency services beyond capacity. More recently, the city of Atlanta suffered a devastating ransomware attack – making all electronic records inaccessible by encrypting their data. The attack hit 5 out of 13 networks, forcing many residents back to using pen and paper, fearful of spreading it further.

The first step to tackling these risks is leveraging data from the city’s multiple smart systems–

Which Types of Data Can Be Collected from Smart Cities?

Every element of a cloud-connected smart city is built to collect data around the clock. Some of this data has become second nature by now, such as the timetables of buses or trains, weather updates, or map data that lets us know if we should reroute our journey to avoid traffic. Other innovations are newer and still feel futuristic to many, from road sensors that can provide valuable information on vehicle and foot traffic, to street lights that sense pedestrian activity and adapt to suit.

Connected transportation is a key element of any smart city, and therefore a key vulnerability. From connected car sharing and ride sharing, to autonomous public and private transportation, these innovations in mobility are already in action in developing smart cities around the globe.

New data streams have also become a reality due to these vehicles, with an estimated 250 million connected cars on the road by 2020. Sensors in the cars themselves help gather insights on fuel usage, engine status, and maintenance requirements. Access to telematics data with GPS gives data analysts an added layer of information, allowing for on-road diagnosis of vehicle needs, and providing predictive maintenance to address repairs and security breaches before accidents or errors occur. Integration with mobile app data takes this even further- supporting valuable business intelligence by learning about the behavioral habits of the vehicles and passengers on the road.

Smart city environments are going to continue to grow in increasingly complex ways as new services and products enter the mix. With so much data to collect and manage – protecting it from cyber threats becomes a challenging task.

More Data Means More Risk

Threats to a smart city environment are constantly shifting. They include confidentiality and integrity compromise of sensor data through IoT devices, data loss as a result of inadequate management and storage, availability issues due to connectivity failures, and remote exploitation and malware injection originating anywhere from the main servers down to one individual sensor or user interaction.

Despite all of these threats and more, a third of state and local governments admit that their current data is not actionable. While most smart cities are collecting data from each system, whether that’s buses, trains, roads, sensors, and so forth – they do not have access to a clear view of how each interacts with the others. Cities can only stay safe if we use the wealth of data we’re collecting to get an accurate understanding of what’s happening on the ground.

Visibility of the data sources is key. But with so many interconnected elements in a smart city, how can businesses, authorities and governments leverage this data to stay safe?

One Clear View: Aggregating Data for Incisive Visibility

Simplifying the complex data environment of smart cities helps to ensure the validity and security of the data you’re collecting. In order to benefit from this, the solution should be a cloud-based platform that can access the data streams from each disparate source, display them in a ‘single pane of glass’ approach, and correlate them to detect fraud, service issues, cyber-threats and anomalies.

This service model can enable you to analyze data traffic across the entire ecosystem of a connected infrastructure. A solution that looks at just the sensors may miss dangerous information leakage from the data center, or a breach attempt through the user’s mobile app for example. Only by looking at all the streams of data in one place can you begin to get a full picture of the health and status of the environment in question.

Now consider the protection this could provide for our smart cities as a whole. All data is tracked and correlated as it comes in, whether that’s from the vehicles on the roads, or IoT sensors, smart devices like parking meters or traffic monitors, user smartphones and wearables. Municipalities can feel confident that their streets are protected from fraud or cyber-crime without blind spots or missing data, despite the complex connected system they’re a part of. The city is also automatically given a stronger security posture for issues of compliance and cybersecurity regulation, as your ecosystem is simplified, the data anonymized, and you can even set your own custom policy violations to stay on top of incidents in real-time.

Protecting Smart Cities with the Power of Big Data

An interconnected web of cloud-based connected transportation that includes public transit, connected cars, smart sensors and autonomous vehicles is already a reality. Protecting these systems against cyber-crime is essential, as just one vulnerability has been shown to breach an entire city. Accessing one comprehensive view of all your data sources enhances your security posture exponentially, alongside opening up opportunities for innovation and success.

Newsletter Icon

Upstream’s 2023 Global Automotive Cybersecurity Report

Newsletter Icon

to our newsletter

Sign up to receive updates delivered to your inbox

API Security Needs to be Integral in Automotive Threat Analysis and Risk Assesment

APIs enable the opportunity to innovate and improve services in the connected vehicle and smart mobility ecosystem. APIs are widely used in advanced features, services…

Read more

NHTSA Updates US Cybersecurity Guidelines for Vehicles

Connected and software-defined vehicles technologies are on the rise, offering customers a better user experience, and introducing new monetization strategies for OEMs. Given the rising…

Read more

Upstream Partners with Salesforce, Putting Connected Vehicle Data in Motion

The automotive industry is undergoing a massive transformation, building new revenue streams and business opportunities. Connected vehicle and smart mobility data are at the core…

Read more

Securing Smart Mobility Requires a Fresh Approach to API Security

Connected vehicles and smart mobility services use numerous APIs. Everything from OEM-driven companion apps, infotainment systems, OTA servers, telematics servers, and EV charging management or…

Read more