Cyber Attacks on Smart Cities: Why we Need to be Prepared

“Smart Cities” are increasingly facing threats to the strives they have made in technological advancement via increasing cyber-attacks. 2018 so far has seen Atlanta, Baltimore and the island of Sint Maarten, subjected to wide-scale online attacks, affecting vital government services and costing these municipalities millions. So, what does this mean for the future of our “Smart Cities”, powered by the force of digital technology?

Services Held at Ransom

Atlanta, capital of Georgia State in the US earlier this year in March was crippled by SamSam, a ruthless “ransomware” bug that lasted nearly two weeks and saw 30% of “mission-critical” software applications affected. A ransom of $55,000 worth of bitcoin in payment was demanded but the city declined to pay it.

Months later, Atlanta is still reeling from the aftermath of the sustained malware (malicious software) attack with police and legislative evidence among the worst hit. City officials reported that a ‘decade’s worth of legal documents and ‘years’ of police dashboard camera evidence have been wiped from their computers with far-reaching consequences for law and order. The cost of this attack so far? $12.2 million.

Baltimore, also a bustling smart city in the US was targeted in the same month with a ransomware attack but this time it was aimed at emergency services. Responders were unable to access their Computer Aided Dispatch (CAD) system for 17 hours. The city’s Emergency services rely on CAD to automatically divert calls to emergency responders who are closest in location so that emergency assistance is directed as efficiently as possible. While the system was down responders operated by taking phone calls manually, a far slower process and one which could have had a more sinister outcome if the cyber-attack had been prolonged.

Sint Maarten, a Caribbean island and constitute country of the Netherlands also suffered a similar fate in April when it experienced its third cyber-attack this year. All government services were offline for a week as authorities struggled to regain control of the recurring issue.

Challenges for Smart Cities in Crisis

The challenge for smart cities that utilize complex digital networks to manage hundreds, if not thousands, of city systems and services is that any device that relies on software to function is a potential cyber-attack victim. Smart city initiatives have been criticized by development experts as having been “procured and developed with little coordinated consideration of privacy and security harms” as systematic vulnerabilities like those seen in Atlanta, Baltimore, and Sint Martens, become quickly exposed by criminal hackers.

Accurate recovery from a cyber-attack depends on fast and perfect damage assessment according to security experts. A recent 2018 Deloitte report concerning ‘Crisis Management’ found that despite 46% of crisis management experts being mobilized in the past two years for Cyber related incidents, the 523 organizations surveyed displayed confidence that exceeded their crisis preparedness. The report also found that being at that being prepared ‘significantly reduces the negative impact of a crisis and it recommended that ‘crisis management should not begin with a crisis’.

This data can plainly reiterate that Smart Cities need to invest in the data security of their cities’ critical infrastructure so that there is only minimum risk involved, to ensure stable, reliable, and secure smart systems. In the case of Atlanta, the Atlanta City Council this month approved in its 2019 budget plan $3.5 million for upgrades to the City’s IT security and infrastructure, serving as an example to all that data security is an investment for the future.