How can we secure our smart cities?
Integrating technologies such as IoT, big data and cloud, smart cities will transform the way we live and work. Despite their benefits, these vast technology systems also raise major security concerns. As technology development continues to accelerate, it is critical that we take a step back to consider where key threats originate.
eGov Innovation speaks with Mr David Siah, Country Manager of Trend Micro Singapore, on how we can secure our smart cities. Mr Siah is Chairman of the Cloud Security Alliance in Singapore, and a member of IDA’s Cyber Security Alliance.
With smart city projects being implemented across the world, what new security threats and risks do we need to prepare for?
The convergence of IT, industrial control systems and Industrial IoT in smart cities means a successful attack is bound to have major impact, hence it is crucial to stay alert and defend against both known and unknown threats. Smart city projects need to be resilient in design and fail-safe, and should they be unable to meet these, the likelihood of the following could be very high:
- Smart grid attacks that cause blackouts affecting millions
- Traffic congestion or accidents should hackers access smart traffic systems and affect transport movement
- Attacks against a city’s wastewater sewer system that may cause pollution within the water to spread contagious disease
- Attacks against smart trashcans may cause issues in public health
Presently, what aspect of smart cities do you think is most vulnerable?
At present, every aspect is equally vulnerable. This could be better estimated by the scale, impact, intention and execution of the attack. As critical infrastructure, such as power generators or water networks, is greatly utilized amongst the wider population, there is greater emphasis to protect these systems due to the considerable impact that they cause to society.
What are some recent examples of attacks on smart cities?
Notable examples of cyberattacks on smart cities include:
- Ukrainian power station, the first ever malware-driven power outage reported, which left thousands of households without power for a few hours.
- San Francisco Municipal Transport Agency, which experienced a ransomware attack that saw the light rail transit going offline and affecting commuters during the busiest shopping weekends of the year.
- Washington DC's surveillance camera breach, a ransomware attack that infected police surveillance cameras eight days before the inauguration of President Trump, forcing widespread installation efforts to regain access. This raises alarms on the vulnerability of the surveillance system, which could have been much worse if it had been infected not by ransomware but by hackers with a fixed agenda tracing important figures.
What are some privacy concerns surrounding smart city development?
Singapore, a budding smart city nation, places great reliance on data that shares behavioural feedback via sensor networks situated around the state. This heightens issues around the privacy of its citizens, should hackers gain access to its sensors, cameras or mobile phones. According to a study conducted by software-makers Straits Interactive and Appknox, it was discovered that 90% of mobile apps in Singapore do not adequately declare what consumer data is collected or how it is used, hence potentially falling foul of Singapore's Personal Data Protection Act (PDPA).
Another possible privacy concern around smart city development would be the lack of proper de-identification. This includes London’s bicycle hire scheme that was found to be publicly accessible. The information shown included personal information such as unique customer identifiers, location, and journey details such as date, time, and route.
What can we do to secure smart cities?
It is important for governments to be mindful that, as smart city infrastructure develops over time, its lifespan is far greater than that of regular consumer products. Will there still be a security patch available after 10 years when the technology becomes obsolete? Is it possible to anticipate and mitigate a vulnerability 20 years in advance? How can governments establish a technology infrastructure that is capable of fighting the battle against the huge volume of current threats but also a growing array of stealthier new attacks designed to circumvent traditional technologies?
The ability to bridge the gap between an old and new generation of threats, IT architectures, and even user behaviours is what makes a smart city truly smart. Trend Micro XGen™ security is designed to achieve this, where governments can leverage its ‘cross-generational’ approach that knows how to use the right threat defense technique at the right time to ensure maximum protection with the utmost efficiency.
It is also recommended for governments to set up cybersecurity enforcements and agencies to ensure the safety of smart cities. Singapore has established its Cyber Security Agency (CSA) that oversees the nation’s cybersecurity strategy, landscape and education.
To address the broadest set of known and unknown threats that smart cities encounter, there are three key elements that enterprises and government bodies need to look at to achieve smart protection, early threat detection and quick threat containment/response:
1) Integrating traditional and advanced defense techniques to defend against threats
To solidify your defense, traditional defense techniques such as blacklisting, whitelisting, exploit prevention, reputation lookup, and proactive virtual vulnerability patching should be blended with advanced threat defense techniques such as custom sandboxing, threat actor behavior and impact analysis, and machine learning.
2) Blending threat detection layers for early threat detection
Blending detection techniques to detect threat actors within the cyber infrastructure will give greater situational awareness on indicators of attacks. This can be fueled with correlated and actionable threat data to aid early threat detection and prevention.
3) Employing global threat intelligence to speed up threat containment and response
By integrating automated and seamless sharing of threat intelligence across threat detection and protection layers, we can speed up threat containment and response.