At this point, the concept of the Internet of Things (IoT) is a fairly familiar one, but that familiarity is to the Internet of Things on the micro scale—appliances with capabilities enhanced by an available connection to the internet. There is another, more macro application to the Internet of Things: as a way to collect data in a municipal setting. However, like the IoT we are familiar with, these “smart cities” are host to many familiar problems.
The Concept of a Smart City
Like many technological developments, the idea of a smart city is built on good intentions. Through the use of technology, a smart city leverages collected data to functionally serve the public, better the services of government and improve the quality of life for its community.
Unfortunately, like many of the smart devices the general public can interact with, the systems that these cities leverage tend to be susceptible to attack.
What These Attacks Could Do
In order to understand the potential ramifications of these kinds of attacks, it’s important to first have an understanding of the kinds of systems a smart city is built upon.
The true purpose behind creating a smart city is to make it a better place to live, and to do that, certain systems need to be put in place. These systems are powered by the data they collect. With that data, insights into correlated problems can be leveraged to solve them.
The sensors these cities use to collect this data monitor a wide variety of data points, ranging from traffic conditions to the weather along with health-related factors like air quality and radiation. The data that’s collected is then used to decide how to approach infrastructure concerns through the power of automation. For instance, if traffic is moving slowly in an area, these systems would deliver that data to decision-makers, allowing them to make the call to reroute traffic a different way to ease the congestion. This system just makes the decisions, too.
The big problem with this is that now, if these systems don’t have sufficient security measures in place, they leave the city’s infrastructure vulnerable to attack. Unfortunately, in an initial study of three companies who provide these kinds of smart city systems, 17 basic vulnerabilities were present in their products. These vulnerabilities included things like easily guessable passwords, bugs that could allow malware to be introduced and opportunities for authentication requirements to be side-stepped.
Why This Matters
The harsh reality is that developing smart cities with these kinds of vulnerabilities is the geopolitical equivalent of intentionally wearing a “kick me” sign each time you go out in public. The United States of America have already learned this the hard way, as electoral systems and the energy grid have been hijacked recently. If appearances aren’t deceiving, actions are being taken to reinforce these vulnerabilities in these IoT devices, but it certainly doesn’t help if careless oversights are being made in the security of major metropolitan areas.
We’re not saying that bringing the Internet of Things to cities is a bad thing, but the security needs to be there. The same goes for businesses. If your business relies on devices that connect to the internet, like physical security devices, smart appliances and networking infrastructure, locking down these devices and keeping them patched is critical to keep your operations running without a hitch.
Give Advisors Tech a call at 844.671.6071 to learn about the security options we have to offer you.