A comprehensive report compiled by expert researchers from IBM Security has once again highlighted just how vulnerable smart cities are to being hacked.
The growing movement and momentum surrounding smart cities continues to increase on a global scale, but ICT experts have warned that government, city leaders and technology firms need to address the complex nature of security in a smart city which is generating data ranging from traffic sensors to healthcare.
The joint report published by IBM and data security firm Threat-care outlines how major smart cities all over the world are at risk of getting attacked. However, that hasn’t stopped cities from investing significantly into their programs and initiatives, with $81bn spent globally this year on data sensors to collect and integrate information.
Daniel Crowley, global head of research for IBM X-Force Red, studied sensor hubs from Libelium, Echelon and Battelle. They sell systems to smart cities. What Crowley and Jennifer Savage of Threatcare found was 17 new vulnerabilities, eight of them critical.
These included flood prevention, radiation level detection, and industrial systems that connect information to the internet. Crowley also found problems with communication between traffic signals and cars.
He told WVXU, "I definitely think it's concerning the number and severity of vulnerabilities we found. A number of them are deployed and exposed to the internet."
"This is a time for cities to review what devices they have," according to Crowley.
There are fixes. He says all of the companies developed patches within a short amount of time and have communicated that to the cities that have them.
From this Crowley says we can learn 3 things:
- The manufacturers need to check their security processes.
- Cities need to evaluate the risk to security and privacy for these systems.
- People should know they ultimately don't have control of their city and what technology it uses.
He suggests demanding transparency.
Two glaring errors which had nothing to do with Crowley's research were Hawaii's accidental missile alert and the hack that sounded Dallas's tornado sirens last year.