Home / Our news and views / Will smart cities be secure or susceptible to disruption and attack?

Will smart cities be secure or susceptible to disruption and attack?

By PATRICK STEPHENSON

BRUSSELS – As more and more urban European services go online, EU citizens have come to expect to file their taxes, change their addresses, check traffic patterns and be informed about security alerts via their city’s web portal.

But does the response of cities to these changing demands present vulnerabilities that terrorists or criminals could exploit? This was one of the many critical questions explored at a conference, “Connecting the Citizen: Realising the Potential of Smart Cities”, held here on 7 November.

“Citizens want safety and privacy in their city,” Pierre Mirlesse, Hewlett-Packard’s vice president, told the event.

Noting that city dwellers demand a level of cyber-security that cities themselves are unprepared to provide, he drew his audience’s attention to the fact that criminals launched 1.9 million malware attacks per day during 2016, with many of those focussed on the web infrastructure of European cities.

“Cities are the next big target for cybercriminals,” he said. “We had double the amount of IoT [Internet of Things] attacks in 2016 than in the year before. The bad guys have an expanding ability to attack organisations. The weak point now is IoT. The next weak point will be cities.” [See this issue’s Euro-View on how IoT networks can be used to boost municipal security.]

Laurent Hublet, a member of Belgian Deputy Prime Minister Alexander de Croo’s cabinet, agreed. “Mobile phone, battery improvements, electric bikes, machine-learning algorithms, and the Internet of Things: [they are] all bringing a major paradigm shift, with consequences for our collective decision-making.”

Per Mirlesse, city venues such as stadiums offer municipalities unique opportunities to understand how citizens behave in groups, and how to react when crises strike. “At a stadium, everyone is connected through network capabilities for a small amount of time,” he said. Thus, if a sudden crisis broke out, municipalities could analyse the information provided by connected individuals and decide what emergency measures to implement. “It’s important for stadium [managers] to understand what is going on.”

Munir Ismet, government strategist at Hewlett-Packard, added that combining the separate ‘silos’ of city activity was the key. “The ability to put it all together comes with the move from silos to integrated solutions,” he said, and pointed to the New Zealand city of Auckland which monitors social media and more traditional news outlets to detect high-risk activities such as organised crime. Another example is Anaheim, California which pulls together data from connected citizens to manage the impact of earthquakes by making emergency response more effective.

Turning to urban cybersecurity, Väino Olev, director of IT for Tallinn said Estonia is determined to make the country’s cyber-networks as secure as possible. Referring to the government’s Smart Protection 2017 progamme, he said “we train 80 percent of smart device users to give them skills about using their devices securely.”

The programmed is financed jointly by Estonia’s public sector and private players such as banks and telecommunications companies.

     THE UPSHOT: No doubt so-called smart cities hold the potential for greater safety and security for their citizens, particularly in responding to natural disasters. But it’s also true that digital city services can be compromised by cyber-criminals, with potentially devastating consequences. Sooner or later, whatever can be hacked, will be hacked.
     But that principle is being ignored, as cities rush ahead to lower their costs through digitising citizen services. Widespread encryption is one possible remedy. Better citizen education, of the sort espoused and practiced by Estonia, is another. Indeed, the most secure computer system is useless if an ignorant or lazy user clicks on an infected malware attachment. Cities will either have to make their inhabitants more security savvy or design consumer services that are fool proof against sloppy user habits.

     ps@securityeurope.info

Check Also

The EP pushes for international ban on the use of killer robots

By BROOKS TIGNER, with KYLE ATTAR
BRUSSELS – Members of the European Parliament (MEPs) are demanding a ban on weapons that have no “meaningful human control”.The resolution, passed overwhelmingly on 12 September by a majority of the MEPs (566)  is non-binding, however, on the 28 member states but is supported by Federica Mogherini, the EU’s policy chief for security and defence policy. She has already begun an international dialogue to try and bring the world into consensus as to the direction of autonomous warfare. The resolution notes that lethal autonomous weapons (LAWs) are machines without the ability or capacity to make human decisions and, as such, remote operators must take responsibility for life or death decisions. Much like drones, these weapons bring up strong ethical and moral dilemma regarding...