The web of connections underpinning the smart city needs to be well protected against evil-doers.
At 3:30pm on 23 December 2015, many residents in Western Ukraine were already looking forward to the New Year holidays when the lights went out. In a country touched by war, this time it wasn’t tanks or bombs disrupting everyday life, but the work of hackers. The infrastructure of the Prykarpattya Oblenergo power company was compromised, with 80,000 Ukrainians plunged into darkness as the result of one of the most audacious hacks ever committed. The hack - the first ever to bring down a power grid - was, according to investigators, a well planned and executed attack that systematically removed the network’s ability to function. Continued service attacks rendered it useless, with KillDisk malware used to wipe all computer files. The power eventually came back after six hours, but who was to blame?
In traditional warfare, as the saying goes, it’s easy to spot the enemy because they’re the ones firing at you. Online, the threat could be from just about anyone. And here is where the Smart Cities concept comes in. If executed well, it could offer incredible opportunities for connections that can help improve the way we work and live. But it could also expose us to new threats that law enforcement agencies and governments are working hard to tackle. As our cities and their populations become more connected, how do we maintain their security?
How smart can turn dumb
A smart city uses technology to automate and improve city services, ultimately making citizens’ lives better. It describes a city full of connections, where information technology and the Internet of Things (IoT) is embedded into everyday life. The problem is, for each connection, there’s a risk. Data is shared across networks that, if poorly encrypted, can be accessed. Each connection, however remote or seemingly innocuous, could provide an entry point for a hacker who could potentially manipulate that system for their own devices.
Digital security experts like Cesar Cerrudo, CTO for IOActive Labs, have concerns about how robust this encryption is. Cerrudo points out that many use weak encryption algorithms, and others have poor key encryption generation or fixed keys that hackers can gain access to. It’s not just fragile encryption or weak connection security - citizens in a smart city have a part to play too. Simple or shared passwords and lost memory sticks could potentially offer hackers the opportunity to access personal and business information that we hold. Malware can be stored within apps we freely download.
And how many of us ever read the terms and conditions when we sign up for apps or do much checking before clicking the button to allow our apps to access our data? Given that many of them are longer than novels (Apple’s Terms and Conditions are notoriously longer than Shakespeare’s Macbeth), it’s not surprising we don’t, but it could have implications for our security.
“If that technology is not secure and if it’s not properly protected, city infrastructure and citizens won’t be safe and will suffer cyber attacks,” Cerrudo says, warning that smart cities run the risk of becoming dumb cities if they continually suffer cyber attacks because of weak infrastructure.
Cerrudo himself has demonstrated how simple our cities’ systems can be to hack. Using a laptop and hardware that cost under $100, he was able to access individual traffic lights, changing them at will. Pushing further, he could access these systems from up to a mile away and even from an airborne drone.
The technology used for managing traffic lights in New York is also used to manage the traffic infrastructure in cities across the world, including Washington DC, New York, Seattle, San Francisco, London, Lyon, and Melbourne. Cerrudo’s example illustrates just how incredibly fragile our cities are, with small incidents having big consequences. It’s the principle of the ‘cascade’ effect. In a cyber attack, hackers may use the cumulative impact of a number of small intrusions that, when multiplied together, can cause havoc.
As an example of what can be achieved, in 2006 two aggrieved Los Angeles traffic operators remotely accessed four traffic lights at busy intersections. This seemingly minor interruption caused gridlock that lasted for days. Even more concerning was that it took three years for the perpetrators to be found, after they owned up to the crime.
If multiple entry points and unsecured data sharing across systems is the biggest risk for our smart cities, then surely the answer must be in having one system that manages everything?
The idea of the Urban Operating System (UOS) has in the past been a key part of the concept of a Smart City. From one single operating system, the entire infrastructure of a city can be connected, organised and managed. But it’s increasingly viewed negatively by smart-city experts like Tom Saunders, senior researcher at Nesta, who believe we’re actually safer if systems are fragmented.
“Companies are still pushing the one-system model,” says Saunders, who is also the author of ‘Rethinking Smart Cities from the Ground Up’. But for him at least, it’s not the answer: “To be secure you want lots of separate systems that compete. That way, the whole city network can’t be hacked.”
One of the main reasons Saunders believes the UOS model won’t take hold is that, contrary to claims made, there are no real smart cities, just a collection of individual projects. “In the UK, we can’t afford to roll out 100,000 sensors across the city,” he says. Smart Cities like Bristol, Milton Keynes and most recently Manchester are investing in small-scale smart projects, not imposing a complete smart system upon the city. The infrastructure and technology behind the projects aren’t linked, meaning hacking them all would be complex and time-consuming.
If we’re unable to build our Smart Cities from the bottom up, then it’s essential that we impose security upon the systems that we already have. Symantec is one of a number of organisations working together to develop a secure communications standard that it hopes will do just that.
At the moment, many city systems enjoy ‘security through anonymity’. As these systems are increasingly introduced to Smart City elements, experts like those at Hyper-Cat are calling for the introduction of a safe operating standard that can ensure that minimum security conditions are met.
Cerrudo agrees that securing this communication is the biggest challenge for a smart city, but he’s critical of the industry. “Most smart city technology vendors are immature and don’t have enough cyber security knowledge,” he says.
Rather than developing new communication standards, Securing Smart Cities - a non-profit organisation that brings together academics and businesses - creates resources and guidance for public and private sector organisations to help cities protect themselves. Securing Smart Cities is increasingly calling on governments to take a much greater involvement in smart cities. “Right now governments are blindly trusting vendors and deploying technology without making sure it’s secure,” says Cerrudo.
Perception of risk
It’s easy to focus on the potential risks of smart cities, but it’s also important to recognise that headline-grabbing cyber attacks are incredibly rare. One reason for this, Sian John of Symantec points out, is that the UK has been a leader in cyber security, taking seriously the potential for online damage to cities.
In 2011, the National Cyber Security Strategy was published, outlining in detail the UK’s approach to tackling cybercrime. Responsibility falls to a number of different agencies, including the National Crime Agency, the Secret Intelligence Service (MI6) and a variety of European agencies including Europol.
One of the biggest challenges is ‘critical infrastructures,’ like electricity generation and gas production. Details are kept to a minimum but EDF Energy, the operator of eight nuclear power stations in the UK, declares that “a cyber attack would be unable to defeat the reactor protection systems at EDF Energy’s nuclear power stations in the UK, due to the protection measures that are in place.”
Those in charge of critical infrastructure are able to call upon support from government agencies in the event of a cybercrime crisis. Created in response to the Cyber Security Strategy, CERT-UK (Computer Emergency Response Team UK) looks after national cyber-?security incident management, including offering support to critical national infrastructure companies to handle such incidents.
Organisations work proactively to test their ability to withstand cyber attacks, with many employing so-called ‘ethical hackers’ to carry out penetration tests of systems. In the US, the federal government has recently launched a ‘Hack the Pentagon’ scheme, inviting would-be hackers to help identify any security holes, which can be plugged before they are exposed by those with a malicious intent.
Security in a smart city often focuses on the big threats to the population, and on how critical infrastructure can be protected. But smart, connected cities also play a key role in protecting the citizens. After all, smart cities thrive on ‘big data’. This mountain of seemingly unconnected data is being processed by sophisticated computer programs to help predict real crimes. It may sound like science fiction, but the concept - dubbed predictive analytics - is actually in development and being trialled in many places around the world.
In 2011, the Santa Cruz Police Department introduced such ‘predictive policing’ to the force, and saw arrests increase by 57 per cent. The system divides the city into cells 450m square, with a computer algorithm assigning a probability of crime based on an analysis of previous crime data, social media and other local data sources.
The technique is being further developed by companies like Hitachi, whose Visualization Predictive Crime Analytics system blends real-time event data captured from public safety systems and sensors with historical and contextual crime data from record management systems and other sources. Spatial and temporal prediction algorithms are used to assign threat levels for every city block and also to create threat level predictions, forecasting where crimes are likely to occur or additional resources may be needed. Hitachi estimates that the system can predict crimes to within a 200-metre radius.
New technology has always been used by police forces to tackle crime, with GPS trackers in cars, mobile phone records, bridge toll passes and more being used as evidence in cases. As our cities become increasingly connected, law enforcement agencies will be able to use this data to prosecute criminals. But information can also be misused. The police have strict rules defining how they investigate crimes and name suspects, but the general public doesn’t. In April 2013, Boston was shaken by the detonation of two bombs at its annual marathon. After the incident, the entire city went into lock-down as the perpetrators went on the run.
During this time, CCTV images, social media and a variety of other open sources were used by concerned citizens and media outlets to identify and name potential suspects. The problem was, these people were innocent bystanders and, in one case, a participant in the marathon. The smart city can help protect its citizens, but access to information should come with some responsibilities.
The dark side of connected cities is the risk of increasing control of citizens. All those involved agree there needs to be a line drawn at what level of intrusion we will accept to maintain our freedom.
It’s a contentious issue for our lawmakers too. As the UK Parliament scrutinises the Draft Investigatory Powers Bill (the so-called ‘snooper’s charter’), it’s clear there’s no political consensus yet. However, the ‘Minority Report’ scenario (where people are arrested for future crimes) is dismissed by John and Saunders, who are both keen to point out that, in the UK at least, there is neither the will or the capacity for this.
Not everyone shares that view. “When I think of a ‘connected city’, I think of systems that centralise information and power over its residents,” says Derek Eder, lead organiser of Chicago Hack Night. He uses smart-city technology to cast a light on the workings of local government, relying on open information to “look to see how data or technology could be used to influence change or make a process easier for citizens”.
The approach has been welcomed in Chicago, where open-source data has been used to help forecast E.coli readings at city beaches and predict which types of food outlet are most likely to violate hygiene rules.
In the end though, while it’s easy to focus on the risks of smart cities, John points out that we’ve always lived with risks, it’s just that they are changing. Eder suggests that the Smart City will only work with smarter citizens. Cerrudo agrees, but cautions: “We depend more and more on technology and if we don’t learn how to better protect it, sooner or later we will suffer the consequences”.