Researchers in cybersecurity and civil engineering at the University of California – Berkeley have published a free white paper, “The Cybersecurity Risks of Smart-City Technologies: What do the experts think?”. The paper is based on a survey with 76 cybersecurity professionals conducted last year, who were asked to rank different technologies according to their underlying technical vulnerabilities, their attractiveness to potential attackers, and the potential impact of a successful serious cyberattack.
The paper concludes that, while not all smart city technologies pose equal risks, the cyber-risks associated with the installation and use of emergency alerts, street video surveillance, and smart traffic signals should be weighed against their potential benefits.
“Local officials should therefore consider whether cyber-risks outweigh the potential gains of technology adoption on a case-by-case basis, and exercise particular caution when technologies are both vulnerable in technical terms and constitute attractive targets to capable potential attackers because the impacts of an attack are likely to be great,” the paper states.
According to the cybersecurity experts surveyed, the top technology of concern was a potential hack of emergency and security alert systems.
“The comments that we received in the open-ended responses really highlighted the potential impact and mayhem that the attacks on the systems could produce,” Alison Post, Associate Professor of Political Science and Global Metropolitan Studies, said. “Particularly for the emergency and security alert systems, there was both a concern about the immediate impact—a panic in which everyone is trying to leave a city right as there is some sort of warning about an emergency that is, in fact, not happening. Then there is a second-order effect on public trust. If there is a fake alarm and then people learn about it, then they become less trusting of the system overall. We had a large number of comments pointing in that direction.”