Edge Cyber Security in Smart Cities, Buildings, Homes
Like all living organisms, computer systems deemed smart have the ability to grow, develop, explore, and most importantly, learn. It almost feels incomplete to have a conversation about smart cities, buildings, or homes without adding Internet of Things (IoT) devices into the mix as they markedly help create an interconnected network of smart devices.
But, what are smart cities? Smart cities are a collection of integrated and interconnected technologies that continuously transfer data between each other and are enclosed in a specified urban environment.
According to Statista, the market for smart cities is expected to grow to an estimated $241 billion in revenue by 2025. Additionally, Frost & Sullivan estimate that smart cities will create business opportunities worth $2.46 trillion by 2025.
Unfortunately, smart cities also represent a cumulative collection of cyber risks as attackers are always exploring new and innovative ways to exploit organizations, whether it’s in targeting vulnerabilities or individuals by bypassing fragile security mechanisms.
Guidehouse Insights issued a report in 2021 that unveiled the connection between the growth in smart city technologies and new cyber security threats, finding that the global annual smart city cybersecurity revenue is expected to reach $26 billion by 2030.
Edge Risk Use Cases in Smart Cities, Buildings, Homes
As smart cities focus on data-driven and connected Edge and IoT infrastructures, the adoption of AI, 5G, machine learning, and other modern technologies will lead to increased spending toward smart cities. In fact, global investments in smart cities are set to reach $327 billion by 2025.
Next are some of the most common risk use cases in smart cities across Edge and IoT infrastructures.
Ransomware attacks can be equal parts devastating and sophisticated. Attackers are finding cracks in security mechanisms and ransomware is somewhat of a safe bet as it allows them to be highly efficient in their attack, keep costs low, and leverage repeatable models.
Another point of interest for bad actors in ransomware is the untraceability of the exchange of large sums of money. This is mainly due because the cryptocurrency economy is unregulated, making ransomware a very easy and safe choice for cyber criminals.
For instance, Atlanta, Georgia reported in early 2018 that several local government systems were down due to a ransomware infection. Atlanta wasn’t the only affected region as Georgia had claimed a ransomware hit a few weeks prior. Allegedly, the infection was caused by the SamSam ransomware, an active ransomware strain that had also infected the Colorado Department of Transportation.
Security experts believe SamSam was able to perpetrate the state systems due to bad hygiene of ports, meaning it was probably caused by a port that shouldn’t have been open. The SamSam malware is known for hunting down critical files and encrypting them. Once encrypted, the criminals asked for Bitcoin. Allegedly, the cost of the attack amounted to $12.2 million.
In the same year, SamSam also attacked the Farmington, New Mexico municipality, the Adams Memorial Hospital in Indiana, the electronic health records provider Allscripts, and more.
IoT sensors in smart cities help collect device data from residents and assets, helping monitor things like traffic, parking, public data, utilities, and more. Oftentimes, smart cities leverage big data analytics to improve services but unfortunately, cyber criminals are known to target IoT devices that aren’t secure or disrupt servers.
DDoS attacks are difficult to stop because they target multiple sources. For example, the Mirai malware scans unsecured IoT devices that use default passwords to disrupt systems in smart cities.
A well-known example of Mirai in action happened in 2016 when it targeted Dyn, the company that controls most of the internet’s domain name system (DNS) infrastructure. The cyber attack brought down much of America’s internet, including sites like Twitter, Netflix, Reddit, CNN, and more across Europe as well.
The Mirai-based DDoS attack was made of IoT devices like cameras and DVR players, with Dyn estimating the attack involved over 100K malicious endpoints.
Hijacked devices open up the door for attackers to have control of a device which is then used to interrupt a system by exploiting security flaws.
The standard modus operandi for cyber criminals using device hijacking is to not radically change a device’s core functionality to make the attack harder to detect. Once an attacker gains access to a company’s network, they can easily compromise all devices and systems.
A recent research from the University of California at Berkeley found that emergency alert systems, traffic signals, and street video surveillance are vulnerable to attacks. In stark comparison, some of the safest systems are smart waste systems and satellite water leak detection.
Smart devices pose a fantastic opportunity for creating value in the smart cities industry as digitization brings added intelligence to Edge and IoT networks, both for development and operational needs.
Also, smart cities offer a vast attack surface that can be exploited. This is an extremely real and present danger. The more technology a city uses, the more vulnerable it is to cyber attacks, making the most technologically advanced cities excellent targets. Attacks on city services and infrastructure are inevitable and it would be irresponsible not to take concrete steps to improve security and protect against intrusions.
Smart cities contain of different types of IoT sensors and controllers which include smart parking sensors, structured health awareness, smart lighting, traffic control, lane optimization, and more. With that being said, it’s also important to note that the cloud is an active platform that stores and interprets centralized smart city data.
For smart cities, AI EdgeLabs provides the following set of cyber protection:
- Intrusion detection
- Network anomaly detection
- Network attack detection & classification
- Malware detection
- Automated prevention scenarios
Possible deployment examples
As illustrated on the diagram below, large-scale smart city deployments usually hold intermediate Edge layers for data aggregation and pre-processing.
AI EdgeLabs sensors can be deployed on the Edge network that holds exposure to APIs and services with core networks, which must be protected against network attacks.
The AI EdgeLabs Sensor provides in-place data protection and traffic modeling to understand the threats and vulnerabilities inside the Edge network. These threats can be reported to any SIEM system inside the smart city ecosystem on a specific dashboard inside AI EdgeLabs.
AI EdgeLabs is a robust, enterprise-grade, and AI-based platform that brings advanced network visibility, early threat detection, and automated incident response and remediation vital for the smart cities industry. Enriched with Deep Reinforcement Learning, our platform is smart and impressively accurate in detecting threats before they even have a chance to cause harm.