Smart Cities around the world are at risk of getting hacked in everything from traffic control to flood prevention even as they spend $81 billion globally this year on data sensors to collect and integrate information. That's according to researchers from IBM Security and the data security firm Threatcare.
Daniel Crowley, global head of research for IBM X-Force Red, studied sensor hubs from Libelium, Echelon and Battelle, which sell systems to smart cities. He did not evaluate cities individually. Cincinnati "aims to be one of the 'smartest' cities in the country when it comes to municipal operations," according to a release, and currently has several projects underway.
What Crowley and Jennifer Savage of Threatcare found was 17 new vulnerabilities, eight of them critical.
These included flood prevention, radiation level detection and industrial systems that connect information to the internet. Crowley also found problems with communication between traffic signals and cars.
"I definitely think it's concerning the number and severity of vulnerabilities we found," Crowley tells WVXU. "A number of them are deployed and exposed to the internet."
"This is a time for cities to review what devices they have," he adds.
There are fixes. He says all of the companies developed patches within a short amount of time and have communicated that to the cities that have them.
From this Crowley says we can learn 3 things:
- The manufacturers need to check security processes
- Cities need to evaluate the risk to security and privacy for these systems
- People should know they ultimately don't have control of their city and what technology it uses
He suggests demanding transparency.
Two glaring errors which had nothing to do with Crowley's research were Hawaii's accidental missile alert and the hack that sounded Dallas's tornado sirens last year.