Keep the IoT, but Close the Cyber Attack Door

From New Orleans to Jerez, from Baltimore to Johannesburg, ransomware attackers have found a favorite target in municipalities. These fraudsters sneak malware into a computer system that encrypts critical files, which the victim must pay to unlock. When a municipality is the target, the demand can be hundreds of thousands or millions of dollars. When Pensacola, Florida’s city hall was rocked with a ransomware attack, the demand was for $1 million in cryptocurrency.

While it’s not clear if that demand was met, it is clear that cyber attacks against municipalities come with an elevated level of risk. When a city faces a cyber attack across its many systems, critical functions are hampered. Controls for things like water treatment, traffic systems, and emergency dispatch may become inoperable.

Smart Cities and Internet of Things Present Digital Vulnerabilities

The threat of cyber attack on cities is an increasing concern with the advent of Internet of Things (IoT) networks and the thousands of networked devices that come with them. The very interconnectivity that makes smart cities work poses a substantial cybersecurity risk. Every device represents a potential point of attack. Devices must be networked together with other municipal systems that may create paths from IoT devices to critical files and systems. Each one must be supported by its own software, firmware, and operating systems that must be kept updated to patch up vulnerabilities. There are concerns that the skyrocketing number of IoT devices could be recruited into botnets, as seen in the 2016 attack against internet routing service Dyn. With networks of malware infected, internet-connected devices are then at the command of potentially nefarious actors.

What Is a Smart City to Do?

While the potential dangers in municipal IoT systems has security experts worried, they do stress that there are steps cities can and should take to safeguard their systems. Chiefly, it begins with education. Anyone with access to critical municipal computer systems needs to be regularly educated about cybersecurity and on how to identify potential threats like phishing attempts. Keeping employees updated on these attempts as they happen in real time is also a good practice.

Cities should ensure they have a robust IT department, or even a dedicated IoT office, that can handle the updating, patching, and segregating of all the devices that a city adds. Keeping every sensor, data hub, router, server, computer, and phone that a city has in its inventory up to date is critical to curbing access to outside actors and protecting resident data. These actions will not only protect the data of the city from breach or ransom but will also ensure security for others—a herd immunity for the digital age.

Lessons can also be gleaned from past attacks. Atlanta, Georgia was struck by what experts consider the largest ransomware attack against a municipal government on March 22, 2018 that left many municipal systems inoperable for five days. Despite the large size and scope of the attack, Atlanta’s emergency dispatch and utilities were able to remain operable for the simple reason that they could still function manually. Thanks to prior planning, they intentionally left analog operation systems and knowledge in place for such an event. Atlanta’s response to this attack drew praise from security experts and, with additional suggestions, lay a ground plan for other municipalities preparing their digital defenses.