Smart cities need smart security. A connected system of power grids, transportation, IoT devices, automated buildings and cloud-systems means that an attacker only needs to breach one entry point in order to put an entire city at risk. A single vulnerability could allow attackers to make lateral moves across an entire network.
These threats are already a reality for many developing smart cities around the globe. Last year, the city of Dallas had their warning systems attacked, allowing 156 of their sirens to go off at once, causing enough fear and confusion to overload emergency services beyond capacity. More recently, the city of Atlanta suffered a devastating ransomware attack – making all electronic records inaccessible by encrypting their data. The attack hit 5 out of 13 networks, forcing many residents back to using pen and paper, fearful of spreading it further.
The first step to tackling these risks is leveraging data from the city’s multiple smart systems–
Which Types of Data Can Be Collected from Smart Cities?
Every element of a cloud-connected smart city is built to collect data around the clock. Some of this data has become second nature by now, such as the timetables of buses or trains, weather updates, or map data that lets us know if we should reroute our journey to avoid traffic. Other innovations are newer and still feel futuristic to many, from road sensors that can provide valuable information on vehicle and foot traffic, to street lights that sense pedestrian activity and adapt to suit.
Connected transportation is a key element of any smart city, and therefore a key vulnerability. From connected car sharing and ride sharing, to autonomous public and private transportation, these innovations in mobility are already in action in developing smart cities around the globe.
New data streams have also become a reality due to these vehicles, with an estimated 250 million connected cars on the road by 2020. Sensors in the cars themselves help gather insights on fuel usage, engine status, and maintenance requirements. Access to telematics data with GPS gives data analysts an added layer of information, allowing for on-road diagnosis of vehicle needs, and providing predictive maintenance to address repairs and security breaches before accidents or errors occur. Integration with mobile app data takes this even further- supporting valuable business intelligence by learning about the behavioral habits of the vehicles and passengers on the road.
Smart city environments are going to continue to grow in increasingly complex ways as new services and products enter the mix. With so much data to collect and manage – protecting it from cyber threats becomes a challenging task.
More Data Means More Risk
Threats to a smart city environment are constantly shifting. They include confidentiality and integrity compromise of sensor data through IoT devices, data loss as a result of inadequate management and storage, availability issues due to connectivity failures, and remote exploitation and malware injection originating anywhere from the main servers down to one individual sensor or user interaction.
Despite all of these threats and more, a third of state and local governments admit that their current data is not actionable. While most smart cities are collecting data from each system, whether that’s buses, trains, roads, sensors, and so forth – they do not have access to a clear view of how each interacts with the others. Cities can only stay safe if we use the wealth of data we’re collecting to get an accurate understanding of what’s happening on the ground.
Visibility of the data sources is key. But with so many interconnected elements in a smart city, how can businesses, authorities and governments leverage this data to stay safe?
One Clear View: Aggregating Data for Incisive Visibility
Simplifying the complex data environment of smart cities helps to ensure the validity and security of the data you’re collecting. In order to benefit from this, the solution should be a cloud-based platform that can access the data streams from each disparate source, display them in a ‘single pane of glass’ approach, and correlate them to detect fraud, service issues, cyber-threats and anomalies.
This service model can enable you to analyze data traffic across the entire ecosystem of a connected infrastructure. A solution that looks at just the sensors may miss dangerous information leakage from the data center, or a breach attempt through the user’s mobile app for example. Only by looking at all the streams of data in one place can you begin to get a full picture of the health and status of the environment in question.
Now consider the protection this could provide for our smart cities as a whole. All data is tracked and correlated as it comes in, whether that’s from the vehicles on the roads, or IoT sensors, smart devices like parking meters or traffic monitors, user smartphones and wearables. Municipalities can feel confident that their streets are protected from fraud or cyber-crime without blind spots or missing data, despite the complex connected system they’re a part of. The city is also automatically given a stronger security posture for issues of compliance and cybersecurity regulation, as your ecosystem is simplified, the data anonymized, and you can even set your own custom policy violations to stay on top of incidents in real-time.
Protecting Smart Cities with the Power of Big Data
An interconnected web of cloud-based connected transportation that includes public transit, connected cars, smart sensors and autonomous vehicles is already a reality. Protecting these systems against cyber-crime is essential, as just one vulnerability has been shown to breach an entire city. Accessing one comprehensive view of all your data sources enhances your security posture exponentially, alongside opening up opportunities for innovation and success.
Upstream’s 1000th Automotive Cybersecurity Incident: Use NFC Card to Gain Control in 130 Seconds
As a part of Upstream’s ongoing effort to monitor, analyze and assess the impact of automotive-related cybersecurity incidents and vulnerabilities, we recently marked an important…Read more
Charging Station’s Cybersecurity Risks Endanger EV Adoption
Automakers and consumers are experiencing a breakthrough in electronic vehicle (EV) adoptability. Wide-spread easily accessible charging station networks are quelling range anxiety and replacing it…Read more
Protecting Vehicles Requires a Fresh Outlook on Product Cybersecurity
Cybersecurity is an ever-transforming realm. As vehicles become significantly more connected, the threat landscape increases exponentially. In the race between threat actors and security teams,…Read more
Cybersecurity for Connected Vehicles: From Cost Centre to Value Centre (Part 2)
This blog is part of a series on the monetization of connected vehicles through cloud-based agentless cybersecurity tools, written by Ric Vicari, Upstream’s UK-based VP…Read more