Story image

Ignorance is not bliss: Why security must never be an afterthought for our smart cities

02 Feb 17

APAC smart cities are redefining the way we live and work and provide a vast range of benefits but they also come with major security concerns, says Trend Micro.

Smart cities bring together technologies such as cloud, big data and virtualization to boost public and private infrastructure, reduce government finance strain and achieve more sustainability through connected systems.

Technavio reports that the smart city industry will explode to $1.5 trillion by 2020, and all eyes are on the booming developments. But systems with a lack of protection are left wide open to attacks.

Countries such as Singapore have adopted smart water systems that use sensors to track water flow, quality and pressure, all which enables end users to monitor their water usage and allows the Public Utilities Board to predict and minimize pipe bursts.

But there’s a massive downside for this revolutionary technology, and Trend Micro says it’s critical that we consider where threats originate.

Attacks such as the 2015 outage at two Ukraine energy distributors and the attack on a US transport computer system show the real effects power of malware and hacking, that could potentially spread worldwide.

How third parties use harvested data is also a major privacy concern, and Trend Micro says breaches and legal complications may arise.

Here are some of Trend Micro’s top thinking points for APAC nations.

Singapore: The country is reliant on data that uses sensor networks to share behavioural feedback, but what are the privacy implications? The community is required to provide personal data that lets officials prevent crime, view traffic density and many other things. Trend Micro asks, are Singaporeans truly at ease with this should hackers get access to government systems?

Japan: Japan’s grid security and energy efficiency have been improved by home energy management (HEM) systems that optimize energy use through real-time data.  But these systems do not guarantee data security, according to a report by the EU-Japan Centre for Industrial Cooperation.Trend Micro asks, what happens if the system is hacked? Will there be blackouts?

South Korea: Home to the world’s very first smart city, Songdo International Business District was built from scratch with the aid of smart technologies. Residents own smart card house keys that can also pay for transport, parking meters, films and many more.  But where is the balance between convenience and privacy?

China: The country has a Vision 2025 plan to transform manufacturing into IoT enabled operations, the country’s Chengdu smart city is leading the way in industrial automation. However, sensitive data abuse is becoming a concern, as planners have created an Urban Data Lab to collect government information, urban plans, phone metadata from carriers and behavioural data from location-based services.

The key message? Trend Micro says it’s crucial to implement security and privacy as smart cities are developed, rather than adding it on as an afterthought. It will be a complex task, but the effects of an attack would be even worse.

Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
Businesses too slow on attack detection – CrowdStrike
The 2018 CrowdStrike Services Cyber Intrusion Casebook reveals IR strategies, lessons learned, and trends derived from more than 200 cases.
What disaster recovery will look like in 2019
“With nearly half of all businesses experiencing an unrecoverable data event in the last three years, current backup solutions are no longer fit for purpose."
Proofpoint launches feature to identify most targeted users
“One of the largest security industry misconceptions is that most cyberattacks target top executives and management.”
McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.
Symantec and Fortinet partner for integration
The partnership will deliver essential security controls across endpoint, network, and cloud environments.
Is Supermicro innocent? 3rd party test finds no malicious hardware
One of the larger scandals within IT circles took place this year with Bloomberg firing shots at Supermicro - now Supermicro is firing back.
25% of malicious emails still make it through to recipients
Popular email security programmes may fail to detect as much as 25% of all emails with malicious or dangerous attachments, a study from Mimecast says.