Lack of cybersecurity investments in smart cities will result in IoT vulnerabilities
Urban population is on the rise worldwide and smart city development projects are harnessing the power of the internet of things (IoT) to develop more intelligent, efficient, and sustainable solutions. However, digital security investments in smart cities are severely lagging, thereby seeding the future vulnerabilities of the IoT ecosystem, according to ABI Research’s Smart City Cybersecurity application analysis report.
The study predicts that some sectors such as healthcare, energy and public security will be under threat if investments are not made in the critical infrastructure of cybersecurity. Image: jemastock|123rf
The financial, information and communication technologies and defence industries will account for 56 per cent of the US$135 billion projected total cyber security spend in critical infrastructure in 2024, according to recent findings from ABI Research, a global tech market advisory firm.
The remaining 44 per cent of the 2024 spend will be split between the energy, healthcare, public security, transport and water and waste sectors – leaving them potentially underfunded and vulnerable to cyberattacks.
Smart cities are composed of a highly complex, interdependent network of devices, systems, platforms, and users. Smart energy, utilities, water and wastage, parking and automotive, industrial and manufacturing, building automation, e-government and telemedicine, surveillance and public safety are just some of the verticals that vendors and governments must secure.
“Smart cities are increasingly under attack by a variety of threats. These include sophisticated cyberattacks on critical infrastructure, bringing industrial control systems to a grinding halt, abusing low-power wide area networks (LPWAN) and device communication hijacking, system lockdown threats caused by ransomware, manipulation of sensor data to cause widespread panic – such as disaster detection systems – and siphoning citizen, healthcare, consumer data, and personally identifiable information, among many others,” explains Dimitrios Pavlakis, Industry Analyst at ABI Research. “In this increasingly connected technological landscape, every smart city service is as secure as its weakest link.”
Key vendors that provide smart city-specific solutions include cloud service powerhouses, security leaders, cellular communication experts, certification authorities and multi-vertical service providers. According to ABI Research there will be approximately 1.3 billion wide-area network smart city connections by 2024. Almost 50 per cent of those connections are expected to be LPWA-LTE and LPWA Proprietary. Some LPWA protocols are attempting to tackle at least some digital and communication security challenges. However, the fact of the matter remains that these intrinsically lightweight cellular versions aim to lower bandwidth cost, increase coverage, and lower latency. They are not, in general, capable of handling the increased number of cyber-threats in the interconnected smart city environment.
“Lack of cryptographic measures, poor encryption key management, non-existent secure device onboarding services, weaponised machine learning technologies by cyber-attackers, poor understanding of social engineering, and lack of protection versus distributed denial of service attacks are just are some of the key issues contributing to the amplification of cyber-threats in smart city ecosystems. This is further exacerbated by the lack of digital security investments and will, unfortunately, jeopardise the key elements of intelligence, efficiency, and sustainability of future smart city deployments,” Pavlakis concludes.
These findings are from ABI Research’s Smart City Cybersecurity application analysis report. This report is part of the company’s security research service, which includes research, data, and analyst insights. For details, see here.