Академический Документы
Профессиональный Документы
Культура Документы
environmental sustainability. India is also not behind and is driving the aspiration “digital india”
campaign. The smart city mission was started as a part of this digitization venture in 2015. Our
country is in the midst of a massive wave of urbanisation as millions of people move into towns and
cities each year. Enormous investments are being made to meet soaring aspirations and to make
towns and cities more liveable
Challenges?
Smart cities move from being a buzzword to reality as the market has evolved into its
next stage. As more governments begin to adopt “smart” concepts, most find it
challenging to keep pace with rapid changes in the digital world and the continued
evolution of their service delivery models. The increased complexity of city’s systems,
interdependencies, globally connected social, economic and political sub systems has
increased the vulnerability of a city’s security.
The base of a smart city network is interconnectivity- of people, digital devices, and
organizations; which opens up new vulnerabilities — access points where the cyber
criminals can get in.
Citizen and organizational data makes an integral component of a smart city network.
This includes highly sensitive and critical information such as biometric, health, financial
details of individuals. Privacy and appropriate protection of this data is of utmost
importance as the cyber threats get magnified as infinite supply of data becomes more
integral to a wide array of operations.
However, the most critical challenge is identifying the need of a robust cyber security
and data protection regime. As of now, there is no security organisation responsible for
ensuring cyber security within smart cities. Additionally, there is no or limited
consideration of cyber security during the various phases of smart city development.
Smart city stakeholders have low awareness of cyber security risks and vulnerabilities.
Further, the stakeholders responsible for securing the smart cities, have limited cyber
security capabilities.
According to EY India’s Information Security Survey 2018-2019, more than three-
quarters (81%) of organizations do not yet have a sufficient budget to provide the levels
of cybersecurity and resilience they want. Smart cities also face the same roadblock:
Limited budget is allocated for cyber security in the overall smart city budget. Even when
a budget is allocated, it does not match the risk profile of smart cities, thereby making
the process of setting up adequate defences a difficult proposition.
One of the major concerns about smart cities sensors in the equipment; buildings etc.
are insecure and not tested thoroughly. Owing to lack of standardization of IoT devices,
the sensors are prone to hacking. Notorious individuals can hack the sensors and feed
fake data, causing signal failures, system shutdowns etc.
In April 2018, Atlanta’s smart city network was locked down by a ransomware attack where
the attackers encrypted digital working files, locking employees out of the smart city
network completely, while the rest were forced to shut down to prevent the virus from
spreading. It is believed that the cyberattack destroyed 'years' worth of police dash cam
video footage.
Hackers targeted Singapore’s largest healthcare institution, SingHealth in December 2018
and stole the personal profiles of 1.5 million patients along with the details of prescriptions
for 1,60,000 others.
In April 2017, some miscreants played a pornographic video on an advertisement screen
installed at a metro station in New Delhi and the entire sequence was shot by a few
commuters on their mobile phones, after which the incident went viral on social media. It is
believed that the LED TV system was under commissioning and the Wi-Fi port was accessible
due to lack of password controls.
Solutions?
Smart city technologies have large attack surfaces that have a number of vulnerabilities,
especially in systems that contain legacy components using old software which has not been
regularly patched. Technology solutions aim to use best practices to mitigate these risks This
includes:
o End-to-end encryption
o Strong password policy
o Up-to date firewalls, anti-virus
o Isolation of trusted resources from public resources (DMZ)
o Implement manual over rides on all systems The aim is to reduce the attack surface
as much as possible and to make the surface that is visible as robust and resilient as
possible.
Since data centres are the pillars of a smart city, effective measures shall be taken to ensure
their security and resilience. Data back-ups should be done regularly, and according to the
best practices, should be done off site. This helps in data protection in case of physical
security breach at the data centre.
Cyber security and privacy acts shall be made more stringent to ensure security is given the
foremost importance. Existing regulations have been updated at periodic intervals to
incorporate the smart city security perspective.