Written by Vicki Batka, Senior Vice President of APJ Sales, Trellix.
As smart cities continue to evolve and shape the world around us, Australia is taking steps to ensure it keeps up with advancing technology through its constant development of smart cities.
Smart cities use purpose-built technology and data to make better decisions, optimise efficiency and create a greater quality of life for their citizens. Specifically, these cities are looking to use the data and technology to; improve the cost of living, create safer areas, enable better healthcare, monitor and support the environment and save time. Examples we see across the nation:
- Use of communication and information technology – Community WIFI & Data, Bathurst: This project will install Wi-Fi access points providing internet services to the community and real-time communication of tourism, traffic, weather, council, business and service information.
- Data-based town planning – Smart Redevelopment, Victoria: This project will use new online data and spatial analytics planning tools to identify residential precincts with high redevelopment potential.
- Environmental monitoring – Reducing urban impacts on the Great Barrier Reef, Cairns: This project will install a connected network of environmental sensors in urban waterways to obtain real-time water quality data on discharges entering the Great Barrier Reef Marine Park.
- Sustainable public transport & urban mobility – Smart Move, Newcastle: This project will deliver a city-scale transport, energy and digital infrastructure network including laser-enabled roadside poles, solar and battery-powered electric vehicle charge points, smart bus stops and smart parking.
Security vulnerabilities
An issue connected with the continual progression of smart cities is malicious actors looking to prey on security vulnerabilities, which has the potential to do serious damage.
Recent years have seen technology push the growth and modernisation of cities. Artificial intelligence (AI), real-time data monitoring, machine learning algorithms and high adoption of the cloud are some examples of innovations that are shaping cities across Australia. As such, the security of these systems is a concern for governments and organisations given that threat actors have the ability to compromise networks and connected devices. Recent global research from Trellix which included over 1,000 Australian respondents, revealed that 60% of cybersecurity professionals admit security threats evolve so rapidly they’re struggling to keep up.
By adding more devices, buildings, traffic cameras and even lights or bins to the IoT (internet of things), it provides threat actors more opportunities to disrupt systems and harvest personal data. The potential levels of interference and data will undeniably make smart cities an attractive target for bad actors. This is why organisations working with smart city technology must have a cybersecurity ecosystem that will withstand the evolving nature of malicious attacks. Furthermore, inefficient protection can impact an organisation’s bottom line, with Trellix’s study revealing that 85% of cybersecurity professionals reported that their organisations lost up to 10% of revenue due to security breaches in the last 12 months.
Threats facing smart cities
Trellix was able to demonstrate the serious impacts and damage that would occur if a bad actor gained access to the network of a smart city. In June 2022, they conducted and shared new research on how they gained physical access to a facility due to the vulnerabilities of its industrial control system (ICS). The research stood as a microcosm for threats against smart cities.
In this example, the Advanced Research Centre (ARC) team tested and researched a vulnerability and found that through leveraging classic hardware hacking techniques they were able to access a control panel used across education, health care and transportation. By gaining full network access they uncovered that the hacker would have the ability to remotely unlock and lock doors, subvert alarms and weaken logging and notification systems. This has a domino effect as the unpermitted access then allows for physical access and exploitation of the network.
How to develop and secure smart cities
As the advancement of Australian cities continues, measures and steps to protect them from any form of cyber-attacks need to occur now, in the planning and development phase.
In 2020, the City of Sydney created a strategy and action plan titled the ‘Smart city strategic framework’. The framework outlines how Sydney aims to achieve a clear, ethical, and secure progression plan as it develops into a smart city. Although the framework does aim to meet new challenges by regularly reviewing and adapting its policy and progression, there is a lack of focus regarding cyber security.
The framework that the plan has outlined is a great approach to a smart city, however, cyber measures do need to be at the forefront of discussion as it is a major risk to urban infrastructure. Cyber security is possibly the most important aspect of smart cities and governments need to acknowledge and act on this. Leaving networks and societies vulnerable to threat actors due to poor management and planning cannot occur, thus strong investment and ownership of cyber security needs to be taken by Government.
Throughout Australia, smart cities have the potential to transform the lives of those living within, creating safer, greener and more efficient cities. The uptake of technology in cities does however create opportunities for threat actors to capitalise on the growing IoT and disrupt or hack critical infrastructure. Providing ‘living’ cybersecurity architectures that can deal with the constant barrage of global threat actors is needed to combat these threats.