Cyber-Kinetic Security and Privacy Threats in Smart Cities
More than half of the world’s population lives in cities. The UN estimates that by 2050 that proportion will be 68% – more than 6 billion people living in high-density conditions. This raises significant challenges. What is the best way to ensure that human needs are met in a fair and equitable way? How will we face challenges like resource strain, waste and pollution management, traffic congestion and connectivity?
In response to these wicked problems, cities are increasingly relying on smart technologies to foster greater efficiency and sustainable growth. These interventions do not, however, come without their own complications. Just like any digital tool, smart systems are vulnerable to cyber-kinetic attacks, but what makes them unique is their high degree of integration. Because these systems are by their nature embedded in many aspects of work and daily life, interfering with them has the potential to cause widespread disruption, even chaos. Furthermore, the massive volume of data that our interactions with smart systems generate create serious threats to individuals’ privacy if not adequately protected.
Making physical objects in cities “smart”
The British Standards Institute (BSI) defines a smart city as:
THE EFFECTIVE INTEGRATION OF PHYSICAL, DIGITAL AND HUMAN SYSTEMS IN THE BUILT ENVIRONMENT TO DELIVER SUSTAINABLE, PROSPEROUS AND INCLUSIVE FUTURE FOR ITS CITIZENS
This is an excellent definition as it highlights how smart cities represent the marriage of physical and digital in the creation of cyber-physical systems (CPSs). Such systems use sensors to gather data about the physical world, which is then digitally analyzed to determine how best to optimize the physical output of those systems.
CPSs are increasingly used to better manage the basic services in our cities: traffic management, transportation systems, energy distribution, water distribution, public safety, pollution control, waste disposal, wastewater treatment and more. On a more granular level, homes and workplaces are also becoming more and more digital, while it has become commonplace for public spaces in cities to be hot zones within which individuals can stay connected. All of this activity produces data. Lots and lots of data. It’s no exaggeration to say that smart cities are built on data in the same way that traditional cities were built on bricks and mortar.
Consider how many times a day you contribute to this reservoir of data. Perhaps you drive to work and use a navigation assistant to find the least congested route, feeding into and drawing from real-time traffic mapping that is constantly improving the suggestions it offers commuters. If you take some form of mass transit, you can receive real-time updates on arrival times at various pick-up points, as the system works behind the scenes to optimize speed and efficiency. In the future, your options may also include being picked up by an autonomous vehicle that uses real-time traffic information to take the most efficient route to your destination.
The water used to brew your favorite morning coffee and the electricity used to bake your breakfast doughnut are monitored and distributed by smart systems, as are the payment gateways and transactional networks that allow you to pay by simply scanning your phone. In the future, though, even that inconvenience will be eliminated. Some businesses are already experimenting with setups in which you present your phone to a scanner as you walk in the door, grab the items you want and walk out with them. An advanced tracking system monitors what items you take out the door and charges them automatically to your account without having to present them to a cashier.
When you get to the office, that too is smart-enabled. Beyond the obvious digital capabilities, such as the security systems allowing you in the door, there are probably lighting and temperature control systems that adjust intelligently to the room’s occupants.
While you’re at work, your power company detects that you are away and reduces power to domestic appliances that aren’t being used. You’re not even aware of this, though, because the power company, having data on your behavior patterns, restores your power to the level you require for your evening before you arrive home.
These are superficial examples of what truly smart cities are capable of. Many cities – not to mention countries – are aggressively pursuing an increasing amount of digital connectivity for everything that goes into their physical environments.
The development of smart cities
With urban populations swelling faster than infrastructure can grow, and with the resulting challenges growing almost as fast, the race is on to transform existing cities into smart cities. The market for smart city technology is expected to reach $1.5 trillion by 2020.
Singapore’s “Smart Nation” project is a leading-edge example, which, as a former Singapore resident, I have had the personal pleasure of working with. The city is using new digital technologies to enhance transportation systems, health, home and business, building interconnectedness in all aspects of citizens’ lives.
With the challenge of managing the world’s largest national population, China has been aggressive in this area, developing 103 smart cities, districts and towns over the past five years. These smart cities seek to bring pollution, traffic congestion and widespread energy consumption under control through greater use of connected technologies.
It’s perhaps no coincidence that India, the second largest nation on earth, has also taken a progressive approach to urban development, targeting 90 cities to engage smart capabilities as part of its “Smart City Mission.” Theirs is a pragmatic approach, tackling development in a layered fashion, but the outcomes still represent a sea change for millions of people.
In North America the U.S. Department of Transportation’s “Smart City Challenge,” encouraged US cities to solve major transportation issues using digital technologies. This is healthy competition designed to stimulate innovation that can be replicated across the country. Fostering smart solutions is expected to reduce increasingly complex urban transportation issues and improve efficiencies.
On the far end of the scale, Bill Gates has bypassed this approach altogether. Rather than taking existing cities and making them smart, he is building one from scratch on 25,000 acres of land he has purchased in Arizona.
Smart systems behind smart cities
Here are some examples of city systems that can be enhanced by digitization.
Transportation
Solving problems like congestion, pollution and safety are critical to the smooth operation of city transport, which is a complicated mix of public and private operations. With real-time data about mass transit schedules and delays, public transport is able to move to new levels of efficiency and commuter wellbeing.
Private transport experiences similar benefits, utilizing user and automobile data, street sensors, even drones and satellites, to relieve congestion, adapt traffic light schedules and direct drivers towards optimal routes.
Montreal uses AI, satellites, drones, and sensors mounted on vehicles to improve traffic flow. NVIDIA Metropolis combines internet-enabled video cameras and AI to provide improve traffic flow. They also offer smart parking services. Drivers who drive IoT cars can get real-time information on available parking spots and their costs, even if cost varies according to parking demand.
Buildings
Our homes and our workplaces – the physical spaces where we spend most of our lives – are increasingly moving into the Internet of Things (IoT). This grants us unprecedented control over these environments and how they best serve us. For the first time offices can become more than containers for work; by optimizing the sensorial and ergonomic potential of these spaces we are using smart technology to improve human wellbeing. The key, of course, is enormous amounts of data.
Deloitte Netherlands’ office building known as “The Edge” is one of the most energy-efficient buildings in the world. Its lighting system is optimized to reduce energy usage and it has solar panels and underground geothermal energy storage. In addition, it uses rainwater for wastewater systems. All this is tied to a vast array of sensors that collect environmental data and optimize building management. Cleaning and maintenance, therefore, are responsive, not inefficiently routine. The system tracks the location of every person on the premises at any time. It also offers employees the convenience of applying their personal preferences to all devices with which they interact – even down to the coffee machines.
At home we are integrating more and more IoT devices into our daily lives. These help us change the atmospheric conditions of a room or background music with a simple voice command. They help us vacuum the floor. They even allow us to monitor and manage our home when we’re not there. And these are not toys of the rich and famous. Rapid evolution of IoT technology is making such devices increasingly affordable and, therefore, ubiquitous.
Energy
As social and environmental awareness more heavily influence public and commercial interests, the term ‘smart energy’ is expanding beyond the ‘traditional’ definition of more efficient energy delivery. It also refers to balancing growing energy needs against environmental concerns and incorporating more clean energy. Here technology has a powerful role to play for the greater good. Smart grids use smart meters to coordinate supply schedules and deliver energy cheaper and more efficiently. The smart grid can even assess consumers’ energy usage patterns and turn off appliances that are unlikely to be used. In an era of massive supply-side pressure on energy consumption, this intelligence has major ramifications for the way we live, and will continue to live in the future.
Siemens is currently working with Rotterdam and Dutch energy providers to create a smart grid that connects 20,000 homes and companies. The system, due for completion in 2020, will use data generated by consumers to identify energy usage trends and then use those trends to optimize energy supply.
Water
Think of the great cities of the world. You’ll struggle to find one not located next to a river, ocean or large body of water. The history of human settlement and water are closely entwined, and management of this precious resource remains one of the most important tasks in city oversight. As cities grow to tens of millions, the complexity of water distribution grows too. Its flow must be understood to optimize it.
Smart water systems analyze usage patterns to predict future water needs. But they also do more than merely distribute water. Their sensors also automatically assess water quality and detect maintenance needs throughout the system, improving public health and social wellbeing.
Public safety
The more humans there are crowded into a limited space the greater the possibility of things going wrong. It’s a trite observation but it points to one of the key roles smart technology is playing in modern metropolises. Smart street lights that adapt to weather conditions and report their own maintenance needs, traffic and surveillance cameras that detect gunshots and monitor city streets in real time – these are silent sentinels that improve public safety.
More directly, law enforcement authorities use facial recognition technology to identify known individuals who could pose a threat to public safety. It is believed that the US FBI already has more than 52 million individuals in its facial recognition database.
Waste management
With more than half of the world’s 7.5 billion people living in and around cities, the amount of waste generated is staggering. Management of this waste is one the least sexy but most critical areas in which smart solutions can play a positive role.
Advanced data analytics, such as those in IBM’s intelligent waste management platform, help optimize collection, transportation and waste recovery. Internet-enabled containers, like those created by Veolia, report their volume of garbage and odor so that collection can be done on an as-needed basis. In receiving this information, waste trucks can collect only the containers that need collection, significantly reducing the financial and environmental cost of trucks on the road.
Pollution control
Air pollution is a public health crisis. According to data from the World Health Organization, 7 million people die prematurely each year as a result of the effects of air pollution. The remedy to this universal problem varies from place to place according to the unique needs of that location, but cities are united in their need to pay attention to air quality. This domain will benefit greatly from smart technology as detection and response systems evolve.
A current example is found in Chicago, where a massive “Array of Things” program was initiated in 2016. Sensors were installed at key locations throughout the city to monitor pollution and climate conditions and provide relevant data to researchers as they seek to improve Chicago’s air quality.
Threats to these systems
The smart systems described above give a basic sense of the potential benefits that ‘smartification’ can offer the cities of tomorrow, but the real possibilities are virtually limitless. It’s not all good, though. By their nature, smart systems are deeply connected, incorporating millions of sensors and devices – each a distinct node on the network. This represents an inherent security threat: anyone who is able to illegally access and assume command of these systems is able to do damage of a scale unimagined in the times of independent, analog systems. Some examples include:
Traffic control systems
As early as 2006, Los Angeles traffic control systems were commandeered by disgruntled employees who wreaked havoc for days before they were identified. In 2014, security expert Cesar Cerrudo demonstrated how the lack of encryption in many widely used traffic control systems could enable an attacker to disrupt lights and snarl traffic. In crowded cities traffic congestion is a major issue, but it’s easy to see how hacking the system could lead beyond traffic jams to loss of life in traffic accidents.
Though an increasing number of newer smart systems have the necessary encryption, older systems do not, and they are almost impossible to replace without major street reconstruction.
Mass transit systems
The 2008 hijacking of the Lodz, Poland, tram system shows evidence of vulnerabilities in mass transit systems, too. And while the 2016 ransomware attack on the San Francisco municipal rail system didn’t significantly inconvenience riders or cause injury, it, too, demonstrates that municipal transit systems are being targeted. Additionally, introducing false information on the systems could cause unnecessary congestion and delays as people base their actions on that false information. You can read more about mass transit and railway risks here.
Power grids
As the recent major blackout in Venezuela shows, the loss of a power grid can have devastating, even fatal, consequences. Though in this case there is no clear evidence of tampering, the effects of the blackout were reminiscent of the 2015 BlackEnergy attack on the Ukrainian power grid, in which more than 80,000 consumers were left without power. Vulnerability demonstrations show how this type of attack is highly plausible, while actual attacks on power plants suggest that this is already a consideration for cyberattackers.
Water distribution systems
Attacks on power grids impact water supply, but direct cyber-kinetic attacks on water distribution systems are also a realistic threat for smart cities. Such strikes threaten human lives and are already a reality, though fortunately with minimal damage so far. Most chilling are reports of a 2016 hack of an unidentified water treatment plant, where mass casualties were averted only because the hacktivists who attacked it did not immediately realize what toxic chemicals they were in a position to unleash on the plant’s consumers.
Other threats
With so many centralized service management systems needed to run a city, hackers with villainous intentions have multiple possible targets. From hospitals hit by ransomware attacks, to GPS spoofing of location-based services, to traffic management systems and wireless smart street lighting systems left exposed by encryption problems, cities are vulnerable to crippling hits on essential services. The potential consequences range from dire to deadly.
The promises – and dangers of 5G
According to the Global Commission on Economy & Climate, smart cities may save the world as much as $22 trillion by 2050. As discussed above, the promised benefits of smart cities are far-reaching and manifesting them will include the generation of many new technologies that will positively impact transportation, healthcare, building management, city governance and education. At the moment these developments are in their infancy – the true shift is expected with the arrival of 5G. This new wave of connectivity represents a total departure from the 4G and 3G networks that have preceded it. It will deliver blistering fast data speeds (up to 20 times faster than 4G LTE) and absurdly low latency (1 millisecond or less), but its role in smart cities extends beyond these astonishing capabilities. Able to support up to 1 million devices per square kilometer, 5G will deliver the platform required to truly operate a smart city ecosystem.
But this is not all good news. With 5G’s elevated connectivity come 5G elevated security threats. A massive rise in the number of connected devices combined with an increase in edge computing distributions will expand security threats and broaden the attack surface available to cyber criminals. As we have discussed above, the more integrated systems are – as is the nature of a smart city – the greater the potential consequences of a cyber-kinetic attack.
Threats to individuals’ privacy
Beyond the physical threat of cyber-kinetic attacks, one of the biggest concerns with smart cities is privacy. Every individual in the system generates an enormous and continuous stream of data that can be used against him/her if it is accessed by the wrong person. And with so many system vulnerabilities, the possibility of that happening is not insignificant. For example, with Montreal’s system of sensors installed on cars, a hacker able to link a vehicle to a person would have all he needs to track that individual through their unique data trail. This information, linked with all the other aggregated data on that person’s movements and activities gives a criminal material to blackmail that individual, or run a range of man-in-the-middle attacks.
Privacy concerns also haunt the smart buildings we work in. A building like Deloitte’s ‘The Edge’ may know your personal preferences but such advantages come at a hidden cost: the building’s data builds a very detailed personal profile of you that could be used against you were it to fall into the wrong hands.
Fortunately, Deloitte has been very conscientious about protecting their employees’ privacy, but as similar systems roll out into other buildings, employees’ vulnerability would be massive if those buildings’ owners turned out to be less diligent.
Our own homes are similarly vulnerable to covert intrusions. If you’ve ever thought that talk of people hijacking the camera or microphone on your IoT device to spy on you is paranoid, think again. Such an intervention is relatively easy for hackers to achieve; they can even access seemingly innocuous devices like smart vacuum cleaners to gain surveillance entry to your home. Your domestic energy usage can also be used to glean information about your personal behaviour; detailed analysis of subtle fluctuations in your power consumption can reveal which television shows you watch.
Even more personal, wearable devices create massive information logs about an individual’s lifestyle and health. Many companies are already accessing the wearables information of their employees, but unauthorized access to your health and movement data ranges from undesirable to dangerous.
When one understands that it is even possible to re-identify individuals through the data they produce via smart waste management systems, one realizes that anonymity is increasingly difficult to secure in the IoT age. Attackers are able to discover individuals’ identity by using data available across multiple sources, even if they have secured their identity in one area. For example, the Harvard University Privacy Lab demonstrated it to be easy to re-identify individuals by combining news items about hospitalizations with publicly available datasets.
Then there is a technique called a “statistical disclosure attack” that can aggregate anonymized data from multiple systems and detect patterns that enable an attacker to re-identify an individual. UK researchers are studying how this technique could increase the risk of data exposure in large clinical data warehouses, like those that would likely exist in a smart city.
It’s not just cyber criminals who are trying to benefit from your data, it’s also people who are trying to sell you products. Marketers are using facial recognition technologies to analyze shoppers, their engagement with displays, even their identities, then applying the information available to them from Big Data to provide customers with more individualized shopping experiences. These marketers can use your behavior patterns and all other data on your life to influence you. In other words, the massive amounts of data available about you are being matched with your face to try to get you to buy more.
The Dutch train company NS is already facing scrutiny over privacy issues over their development of smart billboards that they use on mass transit vehicles. Cameras in the billboards are connected to software that analyzes people’s faces to determine the person’s sex and age and push relevant ads at them.
With such significant volumes of data available on a person, marketers have almost omniscient powers. In an interesting but disturbing anecdote, a retailer targeted a teenage girl with products for pregnant women. The girl’s father complained to the retailer about this advertising blitz of inappropriate products. Not much later, though, the father learned that his daughter was indeed pregnant. The girl had not shopped for such products, but the data the retailer had on her enabled them to accurately predict her condition.
Privacy is shrinking, and in smart cities this is set to be even more extreme as every step of our daily life will contribute to a detailed data map of who we are and what we do. And when one connects this with the knowledge of how open smart systems are to attack, there is no way of knowing who is watching.
Takeaways
With so many critical services enmeshed with smart cities, the attack surface is enormous and extremely vulnerable. The more technology is involved, the greater the vulnerability to infrastructure and city services. Securing systems is essential, particularly as we prepare to move into a 5G world.
The IoT written into the fabric of smart cities is flooded with devices that have had little to no thought put into security, their manufacturers being too eager to get their product to market. Their short-term win, however, is everyone’s loss as unsecure devices leave the whole system shockingly vulnerable to attack.
It is critical that smart cities are reassessed and reconditioned for security and privacy concerns. If not, the technology that is set to positively redefine how urban dwellers cohabit will be the same technology that causes cyber-kinetic meltdown. This is not the same as an attack on a corporate or intelligence agency target – where smart cities are involved the targets may be essential services that keep people alive. As thinking shifts increasingly towards 5G rollout and the opportunities it will present, now is the time to view systems security with same passion and commitment.
Marin Ivezic
For over 30 years, Marin Ivezic has been protecting critical infrastructure and financial services against cyber, financial crime and regulatory risks posed by complex and emerging technologies.
He held multiple interim CISO and technology leadership roles in Global 2000 companies.