Smart city networks could have cyber security weaknesses, according to a report on the global outlook by ABI Research.
The company has highlighted issues such as a lack of cryptographic measures and poor encryption key management in many network connections, and said many deployments of internet of things (IoT) technology could be vulnerable to cyber attacks.
Its Smart City Cyber Security application analysis report points to the complexity and interdependence of devices, systems, platforms and users in IoT networks, which are increasingly contributing to the critical infrastructure of many cities.
According to ABI industry analyst Dimitrios Pavlakis, the development of networks has focused largely on lowering bandwidth costs, increasing coverage and reducing latency, and they are not, in general, capable of handling cyber threats.
“Lack of cryptographic measures, poor encryption key management, non-existent secure device onboarding services, weaponised machine learning technologies by cyber attackers, poor understanding of social engineering, and lack of protection versus distributed denial of service (DDoS) attacks are just are some of the key issues contributing to the amplification of cyber threats in smart city ecosystems,” he said.
“This is further exacerbated by the lack of digital security investments and will, unfortunately, jeopardise the key elements of intelligence, efficiency, and sustainability of future smart city deployments.”
Shortcomings
The report says that, while some of the relevant network protocols such as narrowband IoT (NB-IoT) are aimed at dealing with the some of the security challenges, many suffer from the weaknesses outlined.
Pavlakis added: “Smart cities are increasingly under attack by a variety of threats. These include sophisticated cyber attacks on critical infrastructure, bringing industrial control systems to a grinding halt, abusing low power wide area networks (LPWAN) and device communication hijacking, system lockdown threats caused by ransomware, manipulation of sensor data to cause widespread panic (e.g., disaster detection systems) and siphoning citizen, healthcare, consumer data, and personally identifiable information (PII), among many others.
“In this increasingly connected technological landscape, every smart city service is as secure as its weakest link.”
The report forecasts there will be approximately 1.3 billion wide area network smart city connections worldwide by 2024, almost half of which are expected to be proprietary low power wide area and long term evolution varieties.
Image from the Royal Society
