SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Trend Micro's ten steps for securing our smart cities
Wed, 7th Jun 2017
FYI, this story is more than a year old

Right now there are 250 smart city projects underway in 178 cities worldwide according to Navigant Research, but how do those projects tackle cybersecurity - particularly as the total number of IoT devices rockets?

That has been the focus of a new checklist by Trend Micro, which says that Asia Pacific has the second-highest project rates in the world. Smart city developers have to take advantage of connected devices to take advantage of their 'omnipresent connectedness'.

Trend Micro has assembled the following checklist for smart city developers.

1. Perform quality inspection and penetration testing

Smart technologies have to undergo strict inspection and testing before any kind of city-wide implementation. This step allows the implementing body to catch any security issues (e.g. data leaks) or maintenance concerns (e.g. service malfunctions) before any smart device, infrastructure, or service is made available to the public.

Municipalities should hire independent contractors to run penetration tests on a regular basis. Since penetration testing only puts emphasis on vulnerability scanning, standard product testing procedures such as quality assurance (QA) or quality testing (QT) should also be mandatory. QA focuses on spotting defects in smart technologies, while QT zooms in on their functionality.

2. Prioritise security in SLAs for all vendors and service providers

Smart city adopters should draft service level agreements (SLAs) that list the security criteria smart technology vendors and service providers need to meet. It should be clear to both parties that non-compliance to the specified conditions has corresponding penalties. The criteria could include a guarantee on the data privacy of citizens, a 24x7 response team in case of problems, or the abovementioned regular penetration testing and security audits.

3. Establish a municipal CERT or CSIRT

When any security incident involving smart implementations arise, a dedicated municipal computer emergency response team (CERT) or computer security incident response team (CSIRT) should be readily available to respond. These teams need to be adept at performing appropriate countermeasures in case of attacks, or service recovery in case of system failures. These teams may also be in charge of vulnerability reporting and patching, vendor coordination, and sharing best security practices.

4. Ensure the consistency and security of software updates

Once software and firmware updates are available for the devices used in smart cities, they should be deployed immediately. Both municipalities and vendors must make sure that updates are delivered in a secure manner—with encryption and digital signatures—to ensure software integrity. Digital signatures are used to verify if the updates are authentic and not corrupted or tampered with before installation.

5. Plan around the life cycle of smart infrastructures

Smart infrastructures have longer service life than of the run-of-the-mill consumer products. However, it is important that municipalities create detailed procedures they need to take once the infrastructure becomes obsolete and vendor support for it ends. End-of-support may lead to serious vulnerabilities that can be exploited and attacked.

Smart city adopters should also consider the physical state of these infrastructures. Years of deployment, lack of maintenance, and overuse can wear them out. By planning around an infrastructure's life cycle, it will be easier for municipalities to fix or replace them in the future.

6. Process data with privacy in mind

As a rule of thumb, any data collected in a smart city should be anonymized in order to protect the privacy of citizens, especially if it's going to be published as open government data (OGD). If any portions of the dataset have no relevance to smart city projects, they should be completely discarded.

Access to sensitive data should be restricted to only those accredited by the municipality, such as service providers who are bound by SLAs. A clear information-sharing plan should be in place. This should cover what data can be shared, to whom, and what privacy controls will be implemented for the data. The plan must also include data backup provisions and a recovery strategy in case of disasters.

7. Encrypt, authenticate, and regulate public communication channels

All communications—both wired and wireless—should be protected against eavesdropping, interception, and modification, especially if the data contains sensitive information. Strong cryptography should be in place while encryption keys should also be well-kept and protected.

All smart communication systems should at least require a username and password to be accessed. Strong authentication mechanisms such as one-time passwords, biometrics, and two- or multi-factor authentication can be adopted to enhance security.

Municipalities should also regulate communication protocols and traffic to decrease the risk of knocking a centralized system or several interconnected devices offline. Unnecessary functions and features on smart communication systems should be disabled. This limits their attack surface and deters attackers from abusing them.

8. Always have a manual override ready

Despite the allure of fully automated smart systems, keeping the ability of a manual override is still very important. In case of a serious system malfunction or compromise by a malicious actor, the manual override offers municipalities the ability to perform incident response regardless if there is no internet connection or if the attacker locks out their remote access capabilities.

9. Design a fault-tolerant system

When smart infrastructures and applications continue to operate properly even if one or more of its components fail, you have a fault-tolerant system. Smart city services may experience reduced response or performance, but the system ensures continued functionality rather than failing completely. This will require redundancy techniques (hardware, software, and time) to tolerate operational faults and perform needed functions.

10. Ensure the continuity of basic services

In the unfortunate scenario where all systems fail, citizens should always have access to basic utilities (e.g. electricity, water) and services (e.g. emergency response). If the primary electric delivery system fails, for example, there has to be an alternative source of power.

Cities will get smarter over time. This is inevitable as governments slowly move towards techno-utopianism. Whether these cities are built from the ground up or built around and over established metropolises, it is always important to balance functionality with security. Cities are created by citizens to meet the needs of its citizens. It's only right to protect them.