The current attack surface for cities is huge and wide open to attack. This is a real and immediate danger.
— Cesar Cerrudo, security researcher and chief technology officer at IOActive Labs, on smart cities. Smart cities infrastructure — from traffic lights to utilities — are computerized, networked and vulnerable to cyberattacks.
Cerrudo, who ll be presenting a report at the RSA Conference in San Francisco this week, told the New York Times that due to software bugs, poor or lack of encryption, among other things, he has found ways to control traffic lights, tweak speed-limit signs, or send cars onto the freeway all at once by messing with ramp meters. He said traffic sensors he tested in San Francisco last year were still unencrypted as of last weekend.
Others have found similar problems. Last year, for example, University of Michigan researchers found that poorly designed networked traffic signals were vulnerable to hackers.
Not only are connected infrastructure systems possible targets, they have been targeted. From the NYT: In 2013, the energy industry became the most-targeted sector for hackers in the United States, accounting for 56 percent of the 257 attacks reported to the Department of Homeland Security that year.
Cerrudo s warnings come amid at least one prediction cited by the NYT that the smart-cities market will reach $1 trillion by 2020. Last year, we wrote that a study projected that there will be at least 88 smart cities around the world by 2025.
Photo by Shmuel Thaler/Santa Cruz Sentinel archives
