Live COVID-19 Cases
  • World 179,935,048
    Confirmed: 179,935,048
    Active: 11,333,105
    Recovered: 164,703,692
    Death: 3,898,251
  • USA 34,434,803
    Confirmed: 34,434,803
    Active: 4,999,794
    Recovered: 28,817,134
    Death: 617,875
  • India 30,028,709
    Confirmed: 30,028,709
    Active: 643,163
    Recovered: 28,994,855
    Death: 390,691
  • Brazil 18,056,639
    Confirmed: 18,056,639
    Active: 1,162,895
    Recovered: 16,388,847
    Death: 504,897
  • France 5,760,002
    Confirmed: 5,760,002
    Active: 74,087
    Recovered: 5,575,086
    Death: 110,829
  • Russia 5,350,919
    Confirmed: 5,350,919
    Active: 331,122
    Recovered: 4,889,450
    Death: 130,347
  • UK 4,651,988
    Confirmed: 4,651,988
    Active: 217,498
    Recovered: 4,306,482
    Death: 128,008
  • Italy 4,254,294
    Confirmed: 4,254,294
    Active: 72,964
    Recovered: 4,054,008
    Death: 127,322
  • Spain 3,768,691
    Confirmed: 3,768,691
    Active: 123,122
    Recovered: 3,564,850
    Death: 80,719
  • Germany 3,731,287
    Confirmed: 3,731,287
    Active: 28,705
    Recovered: 3,611,500
    Death: 91,082
  • China 91,653
    Confirmed: 91,653
    Active: 514
    Recovered: 86,503
    Death: 4,636
Generic selectors
Exact matches only
Search in title
Search in content
Generic selectors
Exact matches only
Search in title
Search in content
vaccine fairness

BY James Hingley


Protecting Smart Cities From Cyber Attacks

Smart security measures are needed to protect smart cities.

MAY 11  2021


As technology becomes more advanced, protecting the data it collects becomes more complex.

The world we live in today is dominated by technology. Whether it is our smartphones or no-till grocery stores, few areas of life remain untouched by technology. Yet, the presence of technology is more pervasive than it might first appear. Everything we do provides instant information about transit, traffic, health services, safety alerts, and puts community news into millions of hands. Now, this information is being put to use.

Technology helps to create a city that lives, breathes and adapts to the ways and habits of those living in it. However, no form of technology is infallible and therefore requires protection. The same is true of smart cities, especially since they collect and store the data of the citizens. Accordingly, the National Cyber Security Centre (NCSC) has provided some guidelines on how smart cities should go about best protecting themselves.

What is a smart city?

Although a smart city may appear fairly simple in principle, forming a concrete definition is more complex. In a 2018 report on the future of smart cities, McKinsey & Company offered a description of a smart city:

‘Smart cities put data and digital technology to work to make better decisions and improve the quality of life. More comprehensive, real-time data gives agencies the ability to watch events as they unfold, understand how demand patterns are changing, and respond with faster and lower-cost solutions.’

This provides a basic understanding of what a smart city does and, as a result, it is more possible to define a smart city. In fine, a city that uses the data collected from electronic sources and sensors to improve how the city functions can be defined as a smart city. On a more nuanced level, a smart city looks to develop, deploy, and promote sustainable development practices to address growing urbanisation challenges. For a smart city to fulfil its maximum potential, the city’s inhabitants need to engage with the smart ecosystems already existing. In doing so, it is possible to decrease traffic congestion, improve air quality and optimise the collection of rubbish and thereby improve the cleanliness of streets.

Based on all this information, the potential benefits of smart cities are overwhelming. With the increasingly rapid technological advancements, different areas are being optimised to improve the quality of life therein. However, technology comes with the risk that it can be compromised and smart cities are no exception. To that end, the relevant bodies are providing information to help preserve the integrity of the data collected by smart cities.

Staying safe

Although it comes under the general rubric of safety, the guidance issued by the NCSC looks to create awareness and build an understanding of the issues at hand. In particular, the NCSC highlights traffic light management, CCTV, waste management, streetlight management, parking management, transport services and public services (such as health/social care, or emergency services) as areas in need of enhanced cyber-security measures.

The element that makes smart cities an attractive target for hackers and other threat actors are the large quantities of sensitive, personal information. Likewise, given that the systems are interconnected, the concern is that, if one is compromised, they will all be compromised. To that end, the NCSC lays heavy stress on the importance of understanding. This is not simply a case of having an advanced understanding of the threats faced but also of the systems:

‘You need to have a clear understanding of your connected place infrastructure by identifying, understanding, and assessing inter-dependencies.’

When mentioning understanding the infrastructure of a connected place, it is not simply a question of understanding the system itself but also the people who have access to it. On this last aspect, the NCSC mentions the option of using Zero Trust Principles. It centres around the core belief that organisations should not trust anything inside or outside their perimeters. Rather, access should only be granted once it has been verified and authorised. Given the name of the policy, implementing it could be misconstrued as overly draconian. Yet, when it is remembered that the systems in question contain personal data, then the measures seem reasonable.

On another level, if there is a breach in the Zero Trust Principles, then the system must be constructed in such a way that it can also provide some level of protection according to the NCSC:

‘You need to ensure that your connected place architecture is designed securely. Your designs need to take into consideration the logical separation (or ‘zones of trust’) of your connected place network and identify critical security boundaries. This should not be limited to the cyber domain but also the cyber-physical (dual redundant sensors and/or actuators), and the physical space (such as diverse power supplies or communication routes).’

The subsequent instructions address the architecture of a connected place on a more nuanced level. However, similar to the advice concerning Zero Trust Principles, the recommendations are grounded in a basic principle of prioritising safety and security.

So, the resounding message is that smart cities, for all their usefulness, are vulnerable and, for that reason, steps must be taken to protect them. The NCSC did not name any particular threat actors, but that does not make the threat any less serious. A cyber attack against smart city infrastructure can happen at any time and, to that end, it is critical for the appropriate defence measures to be in place.

About the Author: James Hingley

James Hingley is a contributing Features Writer with extensive expertise in International Relations, Politics and Culture.

Recommended for you

How Can Employers Support Workplace Wellbeing?

Integrating wellbeing into business practices with the platform helping employees Thrive.