Emergency alerts, video surveillance tools and smart traffic lights are among the most vulnerable smart city systems, according to a report by an interdisciplinary team of researchers from the Center for Long-Term Cybersecurity at the University of California, Berkeley.
Smart waste and recycling bins and satellite water leakage detection systems are perceived to be less vulnerable compared to other technologies assessed, include gunshot detection, public transport open data and smart tolling.
The analysis is based on a survey in which 76 cybersecurity experts ranked nine common smart city technologies according to underlying technical vulnerabilities, their attractiveness to hackers, and the potential impact of a successful serious cyberattack.
“Local officials receive a barrage of information about ‘smart city’ solutions to problems such as traffic congestion, crime, and inefficient use of power and water,” said Alison E. Post, Associate Professor of Political Science and Global Metropolitan Studies at UC Berkeley, one of the report’s co-authors. “How should they consider the risks of cyberattack that such new systems may introduce? This report will help local-level policymakers better understand how cyber risks vary among different smart city technologies.”
Eighteen of the 76 respondents said that tampering with smart traffic lights could cause accidents and gridlock, and prevent emergency vehicles from reaching their destinations. Ten cybersecurity experts described how spoofed emergency alerts could cause widespread panic and civil unrest.
Participants also indicated that nation-states and insiders would be most effective at executing cyberattacks, compared with thrill seekers, cybercriminals, terrorist groups, and hacktivists.
Spending on smart city technology is expected to reach US$327 billion by 2025, according to Frost & Sullivan. The analyst firm predicts that at least 26 smart cities will be established by then, demonstrating maturity in data-driven and connected infrastructure and digitalised services. While smart city technology offers benefits to municipalities and their residents, it can also increase risk.
In January this year, a cyberattack rattled nerves when a hacker tried to remotely alter chemical concentrations in a Florida city’s water supply system.
Ransomware is also on the rise. In 2019, governments reported 163 ransomware attacks, with more than US$1.8 million in ransoms paid and tens of millions of dollars spent on recovery costs – this represented a nearly 150 percent increase in reported attacks from 2018. Cities such as Baltimore, Atlanta and New Orleans have suffered ransomware attacks in recent years.
In August, a report from cybersecurity firm BlueVoyant found that cyber-attacks on state and local governments are rising in frequency and cost.