As cities grow more technologically advanced, we must adapt to new security measures to keep up with digital threats, writes Paul Budde.
A NEW set of guidelines has been issued by the Australian Signals Directorate (ASD) warning about security risks consists of the use of 5G technology in so-called smart cities. ASD’s concerns are consistent with Five Eyes security alliancewho have warned that the interconnected nature of a fully connected city makes it vulnerable to cyber-attacks.
While smart cities offer benefits such as increased efficiency and data-driven decision-making, the downside is that they can expose national and economic security, public health and safety, and critical infrastructure to potential vulnerabilities.
These renewed warnings come amid the Australian government’s the plan to strengthen national security and make Australia one of the safest countries in the world by 2030. As part of this plan, Ministry of the Interior currently reviewing submissions to its Cyber Security Strategy Discussion Paperwhich closed last week.
ASD’s guidelines provide a quick reminder of the need to consider the security implications of smart city technology as Australia becomes more enmeshed in the connected infrastructure environment.
The risks of smart cities are not new. 2020, US National Security Agency (NSA) warned that 5G technology used in smart cities could create new ones attack vectors for hackers, including the potential to disrupt critical infrastructure. UK’s National Cyber Security Center (NCSC) have also highlighted the risks of smart city technology, including the potential for attacks against autonomous vehicles and the use of data to target individuals.
Smart cities rely on the Internet of Things (IoT) to connect urban infrastructure to the internet. This interconnection creates a web of potential vulnerabilities, with any weaknesses in the system potentially exposing the entire network to attack. For example, a hacker could exploit a vulnerability in a single IoT device, such as a traffic light, to gain access to the wider network and disrupt critical services such as emergency services or public transport.
To manage these risks, the ASD guidelines recommend that smart cities adopt a risk management approach that includes identifying potential vulnerabilities and implementing appropriate security measures. This can include measures such as ensuring that all IoT devices are secure by default, using encryption to protect data in transit and at rest, and implementing multi-factor authentication to prevent unauthorized access.
ASD also recommends that smart cities use a “defense in depth” strategy, where multiple layers of security are used to protect the network. This may include measures such as segmenting the network to prevent the spread of malware, implementing intrusion detection and prevention systems, and regularly testing network security through penetration testing and vulnerability scanning.
The risks of smart cities are not limited to cyber attacks. There are also concerns about the potential for misuse of data collected by IoT devices. For example, data collected from smart cameras can be used to track individuals’ movements, raising privacy and civil liberties concerns. To address these concerns, ASD recommends that smart cities adopt a privacy-based approach, where privacy concerns are built into the network design from the start.
The risks of smart cities are not unique to Australia. Governments around the world are grappling with the security implications of smart city technology as they seek to harness the benefits of technological innovation while mitigating risks. In the UK, the NCSC has issued guidance on securing smart cities, while the NSA in the US has published one Report on securing 5G networks.
The risks associated with smart cities are real and governments and organizations must take steps to mitigate them. ASD’s guidelines provide a useful starting point for organizations looking to implement smart city technology while maintaining the security of critical services and infrastructure.
As the world becomes increasingly connected, the need to secure our digital infrastructure will only become more pressing and it is essential that we take a risk-based approach to managing these risks.
Paul Budde is an independent columnist in Australia and managing director of Paul Budde Consulting, an independent telecommunications research and consulting organization. You can follow Paul on Twitter @PaulBudde.
- Digital boost for South East Queensland off to a good start
- Using smart cities to protect democracy
- How Australia can learn from Scandinavian countries
- Telcos are key to smart city success
- Newcastle: Leading the way for Australian smart cities