Smart Cities Will Soon Be Under Attack

Uploaded on 2020-02-03 in TECHNOLOGY--Developments, NEWS-Cybersecurity News, GOVERNMENT-Local, TECHNOLOGY--Hackers

Cyberattacks, criminal hacking groups and data breaches are not going away and there is a constant stream of high profile data breaches, ranging from the theft of medical information, account credentials, corporate emails, and internal sensitive enterprise data.

Increasingly, many analysts are predicting a new trend that identifies smart cities as being at risk and in need of particularly serious focus. In smart cities, the scope for disruption is immense.

  • Hackers could take over the AIs that control critical infrastructure, putting water or electricity supplies in the hands of malicious actors. 
  • Connected cars might make a daily commute easier, although virtually all of our the nessecary data to operate them will reside in cloud computing datasets stored in data dumps strewn all over the Internet, where the dataflow and access to information is potentially vulnerable.

That convenience of a high level of urban interconnectivity  comes at a cost, says Mariarosaria Taddeo, who is a Senior Research Associate at the University of Oxford's Internet Institute. Artificial intelligence is a key part of cyber security’s future development, according to Ms Taddeo who says  “My speculative idea is that the more you have smart cities, the wider the surface of attack.”

Other experts take hope from the evolution of older software like Adobe Flash. Previously hackers have relied on a single flaw, says Ryan Kalember, head of cyber security strategy at Proofpoint, a leading technology protection company. “With a bug in 2010, I could do something really effective because the system was not designed in a resilient way.”

Mr Kalember is  optimimistic for improved security methods: smartphones, for example, already use biometric authentication such as fingerprint or facial recognition instead of passwords. “As you have things like face identification it becomes increasingly absurd that we have dozens, of passwords managed in deeply insecure ways,” he says. This shift is essential, he adds, because although technical vulnerabilities will be harder to exploit in future, humans are already the weakest link in cyber security, with the most tech-savvy individuals vulnerable to increasingly personalised and complex attacks.

The rise of deep fakes, synthetic audio, video and photos of people generated by algorithms, is one source of vulnerabilities. “Deep fakes are becoming increasingly common, increasingly accessible and increasingly realistic,” warns Henry Ajder, head of communications and research analysis at DeepTrace Labs, a start-up that identifies deep fakes.

Hackers can depict someone saying or doing almost anything using ever-decreasing amounts of initial material. So far, the technology has mainly been used to create so-called revenge pornography. But the risk of other criminal uses of deep fakes is growing as the tech improves.

But cyber security should not come at the cost of privacy, warns Ms Taddeo. She points to state of the art systems that can “monitor all of your movements while you’re connected, any keystroke, movement on the trackpad, where your eyes are moving”.  

Between pervasive data collection and constant authentication, she says, the risk is that we create a panopticon, where surveillance systems are expanded out of all proportion.

There are three key pieces of technology that are likely to drive the development of Smart City  secuirty in the coming decade:

Machine Learning And AI
Artificial Intelligence is already being deployed in a wide range of situations and it is likely that hackers are already incorporating AI into their attack methods.

The Cloud
Cloud storage represents both a risk and an asset when it comes to cyber security. On one hand, distributed storage can make critical information easier to steal, because an attacker only needs to identify one weak machine in order to compromise a system. On the other hand, with the correct encryption, cloud storage can actually be more secure than physical drives.

Blockchain
Blockchain has the potentail to revolutionise cyber security in the coming years. By providing a secure way to share key information between multiple users, it promises to protect data from the most common types of cyberattack. On the other hand, it might not be long before even blockchain is compromised.

TechTimes:       PhilPapers:   FT.com:      News Statesman:      ZDNet

You Might Also Read:

Securing Smart Cities Using AI:
 

 

« Mandatory IoT Security In Britain
Amazon Prime Scam Cost Victims £1m »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Spambrella

Spambrella

Spambrella provides email security with real-time threat protection. 100% SaaS (nothing to install)

Zymr

Zymr

Zymr specialize in cloud computing solutions including Cloud Security, Cloud Mobility, Cloud Apps, Cloud Infrastructure and Cloud Orchestration.

Versa Networks

Versa Networks

Versa is a software-defined networking vendor providing an end-to-end solution that both simplifies and secures the WAN/branch office network.

ANIS

ANIS

ANIS represents the interests of Romanian IT companies and supports the development of the software and services industry.

Xage Security

Xage Security

Xage is the world’s first blockchain-protected security platform for Industrial IoT.

Calero Software

Calero Software

Calero is a leading global provider of Communications and Cloud Lifecycle Management (CLM) solutions designed to simplify the management of voice, mobile and other unified communications services.

Hysolate

Hysolate

Hysolate has transformed the endpoint, making it the secure and productive environment it was meant to be.

Swiss Cyber Think Tank (SCTT)

Swiss Cyber Think Tank (SCTT)

The Swiss Cyber Think Tank is a business network for Cyber Risk & Insurability, providing an industry-wide networking platform for insurers, technology and security firms.

Ksmartech

Ksmartech

Ksmartech provide services related to security and authentication in all areas where the connection of people to objects, and objects and objects is necessary.

SynerLeap

SynerLeap

SynerLeap is ABB's innovation growth hub. Our aim is to help startups accelerate and expand across industries, ranging from industrial automation and robotics to grid technologies and smart cities.

Beyond Identity

Beyond Identity

Beyond Identity employs an elegantly simple concept, the personal certificate authority and self signed certificates, to replace passwords.

C3i Hub

C3i Hub

C3i Hub aims to address the issue of cyber security of cyber physical systems in its entirety, from analysing security vulnerabilities to developing tools and technologies.

Eleos Labs

Eleos Labs

Eleos Labs' suite of security tools prevent Web3 cyber attacks, reduce economic risks, and protect digital assets.

Threatsys Technologies

Threatsys Technologies

Threatsys’s Integrated cyber security process helps your organizations to ensure that it’s secure from any fraudulent attacks.

Threat Con

Threat Con

Threat Con is a one of its kind event in Nepal, a series of annual international security conventions similar to the famous Black Hat and DEF CON conferences.

xdr.global

xdr.global

Xdr.global is a cybersecurity consulting firm, focused on promoting and aligning Extended Detection and Response (XDR) security solutions.