How to protect a smart city from cyberattacks?

Although smart cities are designed to increase productivity and ef?ciency, they can potentially present serious risks for residents and authorities when cyber security is neglected.

Billions of connected ‘things’ are deployed in smart cities around the world. The rise of the Internet of Things (IoT) exposes a wide range of vulnerabilities that can be exploited by cyber criminals and other malicious factors.

5 of the most common attacks are:

1.Man-in-the-middle: An attacker breaches, interrupts or spoofs communications between two systems. For example, a man-in-the-middle attack on a smart valve in a wastewater system could be used to cause a biohazard spill.

2. Data and identity theft: Data generated by unprotected smart city infrastructure such as parking garages, EV charging stations and surveillance feeds provide cyber attackers with an ample amount of targeted personal information that can potentially be exploited for fraudulent transactions and identify theft.

3. Device hijacking: The attacker hijacks and effectively assumes control of a device. These attacks can be dif?cult to detect because in many cases, the attacker does not alter the basic functionality of the device. In the context of a smart city, a cyber-criminal could exploit hijacked smart meters to launch ransomware attacks on Energy Management Systems (EMS) or stealthily siphon energy from a municipality.

4. Distributed Denial of Service (DDoS): A denial-of- service attack (DoS attack) attempts to render a machine or network resource unavailable to its intended users by temporarily or inde?nitely disrupting services of a host connected to the Internet. This is typically achieved by flooding the target with superfluous requests to prevent legitimate requests from being fulfilled. In the case of a distributed denial-of-service attack (DDoS attack), incoming traffic flooding a target originates from multiple sources, making it difficult to stop the cyber offensive by simply blocking a single source. Within smart cities, a plethora of?devices, such as parking meters, can be breached and forced to join a botnet programmed to overwhelm a system by requesting a service simultaneously.

5. Permanent Denial of Service (PDoS): Permanent denial- of-service attacks (PDoS), also known loosely as phlashing, is an attack that damages the device so badly that it requires replacement or reinstallation of hardware. In a smart city scenario, a hijacked parking meter could also fall victim to sabotage and would have to be replaced.

Connected smart city devices should be protected by comprehensive IoT security solutions (device to cloud).

Practical and simple, yet secure, solutions that can be easily and widely adopted by OEMs and services are more effective than a ‘super solution’ that fails to gain serious traction.

Subscribe to our Linkedin monthly newsletter?above to get more semiconductor bytes!