How vulnerable are smart cities to cyberattack?

Smart city solutions utilise complex, networked assemblages of digital technologies and ICT infrastructure to manage various city systems and services.  Any device that relies on software to function is vulnerable to being hacked.  If a device is networked, then the number of potential attack points multiplies across the network, and the hack can be performed remotely (1). Once a single device is compromised, then the whole assemblage becomes vulnerable to cyberattacks that seek to ‘alter, disrupt, deceive, degrade or destroy computer systems and networks or the information and/or programs resident in or transiting these systems or networks’ (2).

There are three forms of cyberattack: availability attacks that seek to close a system down or deny service use; confidentiality attacks that seek to extract information and monitor activity; and integrity attacks that seek to enter a system to alter information and settings (such as changing settings so that components exceed normal performance, erasing critical software, or planting malware and viruses) (3).  The vulnerability of smart city systems is exacerbated by a number of issues including weak security and encryption; the use of insecure legacy systems and poor maintenance; large and complex attack surfaces and interdependencies; cascade effects; and human error and disgruntled (ex)employees (19).  The result is that the process of making city systems and infrastructures ‘smart’ has also made them vulnerable to a suite of cyber-threats (4,5,6).

Cyberattacks can target every type of smart city solution and particular system components. There are a number of weak points – including SCADA systems, the sensors and microcontrollers of the Internet of Things, and communication networks and telecommunication switches.

 

SCADA systems
Various forms of urban infrastructure, including the electricity grid, water supply, and traffic control, rely on SCADA (supervisory control and data acquisition) systems that are used to control functions and flow (4).  These systems measure how an infrastructure is performing in real-time and enable either automated or human operator interventions to change settings.  SCADA systems can be traced back to the 1920s, but were extensively rolled out in the 1980s (12).  As a consequence, many deployments are quite dated.  Many have been found to operate with their original security codes (13).  In some cases, while the infrastructure is relatively secure, the communications network is vulnerable (4).  A number of SCADA systems have been compromised, with hackers altering how the infrastructure performs, causing a denial-of-service, or stealing data.  Probably the most infamous SCADA hack was the 2009 Stuxnet attack on Iran’s uranium enrichment plant in which the system was infected by malware that destroyed a number of centrifuges by running them beyond their design specifications (12).  By 2010 over 90,000 Stuxnet infections were reported in 115 countries (5).

Internet of Things
The Internet of Things refers to the connecting together of machine-readable, uniquely identifiable objects across the Internet.  Some objects are passive and can simply be scanned or sensed (such as smart cards with embedded RFID chips used to access buildings and transport systems).  Others are more active and include microcontrollers and actuators.  All kinds of objects that used to be dumb, such as fridges, thermostats and lights, are now becoming networked and smart, generating information about their use and becoming controllable from a distance.  Moreover, sensors can be embedded into the urban fabric and throughout critical infrastructures to produce data concerning ‘location, proximity, velocity, temperature, flow, acceleration, sound, vision, force, load, torque, pressure, and interactions’ (13).  Sensors and microcontrollers are hackable as they often have little effective security, encryption, or privacy protocols in place.  RFID chips, for example, can be hacked, jammed and spoofed (13).

 

Communication networks and telecommunication switches
The devices of the Internet of Things are linked together via a number of communications technologies and protocols such as 4G LTE (Long Term Evolution), GSM (Global System for Mobile communication), CDMA (Code Division Multiple Access), WiFi, Bluetooth, RFID (Radio-Frequency Identification), NFC (Near-Field Communication), ZigBee (open wireless standard), and Z-Wave (wireless communication).  Each of these modes of networking and transferring data is known to have security issues that enable data to be intercepted and provide access to devices.  Likewise, telecommunication switches that link together the local and long distance Internet infrastructure are known to have vulnerabilities including manufacturer and operator back-door security access and access codes that are infrequently updated (4).

Transport management systems and vehicles
There have been a number of cyberattacks on transport management systems in recent years, as well as proof-of-concept demonstrations of possible attacks.  For example, a cyberattack on a key toll road in Haifa, Israel, closed it for eight hours causing major traffic disruption (9).  A research team from the University of Michigan managed to hack and manipulate more than a thousand traffic lights in one city using a laptop and wireless radio (15).  Likewise, IOActive Labs have hacked traffic control sensors widely used around the world and altered traffic light sequencing and interactive speed and road signs (16).  A teenager in Lodz, Poland, managed to hack the city tram switches, causing four trams to derail and injuring a number of passengers (1, 13).  In the US, air traffic control systems have been hacked, FAA servers seized, the personal information of 58,000 workers stolen, and malicious code installed on air traffic networks (13).  Vehicles themselves are also open to being hacked given that a new car contains up to 200 sensors connected to around 40 electronic control units and can connect to wireless networks.  A recent Wired article details how two hackers were able to remotely hack a car through its Internet computer that controls entertainment and navigation systems, facilitates phone calls and can provide a WiFi hotspot, using it as a route to replace firmware, which enabled them to take control of the car’s internal computer network.  The hackers could then take over the driving of the car from over 10 miles away, turning the driver into a passenger (17).

Electricity grid and smart meters
The generation, transmission, and distribution of electricity are monitored and controlled using SCADA systems (12).  In addition, the electricity grid consists of a range of other networked devices.  In the case of the US energy grid over 70 percent of components are over 25 years old, including many SCADA systems (13).  Given the potential cascade effects of shutting down the electricity grid, it has been a key point of cyberattack. Electricity grid utilities in the US report being under near constant cyberattack, with one utility recording that it was the target of approximately 10,000 cyberattacks each month (all five commissioners of the Federal Energy Regulatory Commission agree that the threat of a cyber-attack on the electric grid is the top threat to electricity reliability in the United States) (8).  The Israel Electric Corp. reports that its servers register about 6,000 unique computer attacks every second, with other critical infrastructure also under continuous cyberattack (9).  As smart grids and smart meters are installed, the number of potential access points to grid networks increases enormously (12).  Smart meters themselves can be hacked with low-cost tools and readily available software to alter proof of consumption or to steal energy from other users (1, 14).

Credit: The Programmable City