Smart Cities Will Soon Be Under Attack

Cyberattacks, criminal hacking groups and data breaches are not going away and there is a constant stream of high profile data breaches, ranging from the theft of medical information, account credentials, corporate emails, and internal sensitive enterprise data.

Increasingly, many analysts are predicting a new trend that identifies smart cities as being at risk and in need of particularly serious focus. In smart cities, the scope for disruption is immense.

  • Hackers could take over the AIs that control critical infrastructure, putting water or electricity supplies in the hands of malicious actors. 
  • Connected cars might make a daily commute easier, although virtually all of our the nessecary data to operate them will reside in cloud computing datasets stored in data dumps strewn all over the Internet, where the dataflow and access to information is potentially vulnerable.

That convenience of a high level of urban interconnectivity  comes at a cost, says Mariarosaria Taddeo, who is a Senior Research Associate at the University of Oxford's Internet Institute. Artificial intelligence is a key part of cyber security’s future development, according to Ms Taddeo who says  “My speculative idea is that the more you have smart cities, the wider the surface of attack.”

Other experts take hope from the evolution of older software like Adobe Flash. Previously hackers have relied on a single flaw, says Ryan Kalember, head of cyber security strategy at Proofpoint, a leading technology protection company. “With a bug in 2010, I could do something really effective because the system was not designed in a resilient way.”

Mr Kalember is  optimimistic for improved security methods: smartphones, for example, already use biometric authentication such as fingerprint or facial recognition instead of passwords. “As you have things like face identification it becomes increasingly absurd that we have dozens, of passwords managed in deeply insecure ways,” he says. This shift is essential, he adds, because although technical vulnerabilities will be harder to exploit in future, humans are already the weakest link in cyber security, with the most tech-savvy individuals vulnerable to increasingly personalised and complex attacks.

The rise of deep fakes, synthetic audio, video and photos of people generated by algorithms, is one source of vulnerabilities. “Deep fakes are becoming increasingly common, increasingly accessible and increasingly realistic,” warns Henry Ajder, head of communications and research analysis at DeepTrace Labs, a start-up that identifies deep fakes.

Hackers can depict someone saying or doing almost anything using ever-decreasing amounts of initial material. So far, the technology has mainly been used to create so-called revenge pornography. But the risk of other criminal uses of deep fakes is growing as the tech improves.

But cyber security should not come at the cost of privacy, warns Ms Taddeo. She points to state of the art systems that can “monitor all of your movements while you’re connected, any keystroke, movement on the trackpad, where your eyes are moving”.  

Between pervasive data collection and constant authentication, she says, the risk is that we create a panopticon, where surveillance systems are expanded out of all proportion.

There are three key pieces of technology that are likely to drive the development of Smart City  secuirty in the coming decade:

Machine Learning And AI
Artificial Intelligence is already being deployed in a wide range of situations and it is likely that hackers are already incorporating AI into their attack methods.

The Cloud
Cloud storage represents both a risk and an asset when it comes to cyber security. On one hand, distributed storage can make critical information easier to steal, because an attacker only needs to identify one weak machine in order to compromise a system. On the other hand, with the correct encryption, cloud storage can actually be more secure than physical drives.

Blockchain
Blockchain has the potentail to revolutionise cyber security in the coming years. By providing a secure way to share key information between multiple users, it promises to protect data from the most common types of cyberattack. On the other hand, it might not be long before even blockchain is compromised.

TechTimes:       PhilPapers:   FT.com:      News Statesman:      ZDNet

You Might Also Read:

Securing Smart Cities Using AI:
 

 

« Mandatory IoT Security In Britain
Amazon Prime Scam Cost Victims £1m »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

DoSarrest Internet Security Ltd

DoSarrest Internet Security Ltd

DOSarrest is a fully managed security firm specializing in cloud based DDoS protection services to a worldwide client base.

iboss Network Security

iboss Network Security

The iboss cloud is designed to deliver Network Security as a Service, in the cloud, using the best malware engines, threat feeds and log analytics engines.

Miller Group

Miller Group

Miller Group is an IT managed service provider. We proactively monitor and manage your entire business computer network. Services include backup & recovery and cyber security.

Finjan Holdings

Finjan Holdings

Finjan solutions are aimed at keeping the web, networks, and endpoints safe from malicious code and security threats.

SecuriThings

SecuriThings

SecuriThings is a User and Entity Behavioral Analytics (UEBA) solution for IoT security.

Kudelski Security

Kudelski Security

Kudelski Security is an international cybersecurity company providing innovative, independent and tailored security solutions for large enterprise and public sector clients.

Riverside Research

Riverside Research

Riverside Research is a not-for-profit organization chartered to advance scientific research in areas including Trusted & Resilient Systems.

Expanse

Expanse

Expanse SaaS-delivered products plus service expertise reduce your internet edge risk to prevent breaches and successful attacks.

Leadcomm

Leadcomm

Leadcomm is a Brazilian company focused on the distribution and integration of IT systems and security solutions for large companies.

Cyber Polygon

Cyber Polygon

Cyber Polygon is an annual online exercise which connects various global organisations to train their competencies and exchange best practices.

ITTAS

ITTAS

ITTAS is a multidisciplinary company specializing in information security and software and hardware protection software.

Berezha Security Group (BSG)

Berezha Security Group (BSG)

BSG is a cybersecurity consulting firm specializing in all aspects of application security and penetration testing.

BOXX Insurance

BOXX Insurance

BOXX Insurance Inc. is a new type of insurance company for a new type of risk. Cyberboxx is the first fully-integrated cybersecurity and insurance solution for small-to-medium-sized businesses.

Torq

Torq

Torq's no-code automation modernizes how security & operations teams work with easy workflow building, limitless integrations and numerous pre-built templates.

GovSky

GovSky

GovSky streamlines CMMC compliance, saving time and significantly reducing cost.

Rakuten Maritime

Rakuten Maritime

Rakuten Maritime is your trusted partner in maritime cybersecurity, offering comprehensive and proactive solutions tailored to every stage of a ship’s life cycle.