Vulnerability of Today’s Smart City Implementation

To mitigate the corporately-pitched ‘Smart Cities’ landscape, sensors by the millions are being laid to the streets of urban centers around the world. These sensors are tasked with controlling and analyzing everything from street lights to oil pipelines. Being developed, sold, and installed with great haste might ultimately leave our cities worse off in only a way Hollywood and security experts might have predicted.

It should not be a surprise that these sensors and the underlying networking architecture used to share this data is a prime target for hackers and terrorists. Sadly, researchers have been demonstrating how they are able to break into these networks and control traffic lights, highway signage, and gain access to secure documents. Many are also prone to collapse upon distributed denial of service (DDoS) attacks. Cesar Currudo, an Argentine security researcher and CTO of IOActive Labs, not only demonstrated this last year to city officials in San Francisco but was able to demonstrate it again this past Saturday, one year later.

The vulnerability this technology deployment leaves our cities open to should not be underestimated. A clever terrorist could bring a city or country to its knees if access is granted via an unencrypted sensor node.

“When we see that the data that feeds smart city systems is blindly trusted and can be easily manipulated — that the systems can be easily hacked and there are security problems everywhere — that is when smart cities become dumb cities” — Cesar Cerrudo

From the bottom up, a city must deploy rigorous procedures and protocols to prevent these vulnerabilities from ever seeing exploitation.