Recent high impact, high profile attacks on critical infrastructure demonstrate how smart (inter)connectivity has not been protected by the following smart measures.
The increased connectivity and interconnectivity of smart systems opens up greater risks and opportunities for threat actors to attack and take down critical systems and services swiftly.
Self-propagating malware can easily take down the critical infrastructure and systems used in smart systems and cities, especially because of the interconnectivity within smart systems. Just a few months back, the Colonial Pipeline ransomware attack in the United States affected nearly half of their east coast’s fuel supply.
Multiple ransomware attacks have also taken place at government and utility organizations recently, such as a hit on renewable energies and multi-source electricity producer Voltalia, which resulted in a large amount of business-critical and sensitive data being exfiltrated. There was also the potential data leak of personal identifiable information from an Indian database that is suspected to be government-related.
As governments in South-east Asia continue in their missions to build up smart cities, they need to proactively mitigate the risks of cyber threats through the following four considerations.
- Leverage cyber intelligence
Staying one step ahead of cyber-attackers requires a thorough understanding of knowing where to look, who the threat actors are, what they are after, when they are planning to launch an attack and how they intend to do so.
Smart city cyber-defenders need to be proactive to gain a pre-emptive advantage. Often, this means looking into the deepest, darkest corners on the Internet. Over 94% of the world’s information resides in the deep and dark webs that are frequented by cyber-threat actors trading restricted information ranging from academic and research data, to financial and medical records.
To minimize data breaches and cyber threats, smart cities must adopt an intelligence-centric mindset and leverage deep technology to monitor these platforms. Predictive detection capabilities help remove the element of surprise from these cyberattacks, allowing cybersecurity agencies to take actions swiftly and prevent data exfiltration and loss.
- Fight AI with AI
Similar to how our immune system continuously self-monitors, learns and heals when faced with anomalies, the next frontier of cybersecurity solutions should have the ability to identify abnormal foreign activities or programs through adaptive machine learning.
An automated, self-defense cybersecurity system powered by AI and predictive analytical technologies will be able to define normal and abnormal statuses, monitor the system 24/7, and respond to and recover from new threats. Having such a system will reduce the risk of attacks significantly and reduce the attractiveness of being a hacking target for threat actors.
- Rethink the regulatory environment for cybersecurity
While governments have enacted cyber laws, the reality is that these can be difficult to enforce. There are a few areas within the circle of influence where improvements can be made and scaled.
For a start, incident reporting can be made mandatory and this will generate a body of research data that can provide insights on threats to the nation, and inform the government on strategies it can undertake to strengthen its cyber posture. Imposing mandatory risk and vulnerability assessments also helps governments identify threats early and take measures to close any cybersecurity gaps. Commencing attack vector assessments can help uncover new attack surfaces as businesses adopt new digital formats and services.
Beyond that, nations can cultivate a cyber-reward culture where the discovery of bugs and vulnerabilities are rewarded, providing an incentive for the cybersecurity community to share their knowledge and promote collaboration.
- Adopt an all-round protection framework
As much as cybersecurity is a technology problem, humans are part of the equation contributing to it. Cyber hygiene needs to be emphasized and practiced religiously. Employees and individuals need to be educated on cyber threats and risks, given the prevalence of phishing attacks and social engineering hacking campaigns.
From the technology perspective, the public and private sector should incorporate layered defenses with data and endpoint security, gateway-based security, automating scanning, monitoring and malware removal.
Antivirus solutions, data loss detection and protection, and VPN solutions must not be overlooked. With processes, cybersecurity teams should conduct threat profiling, creation of threat segmentation, zoning and risk containerization. Daily backing up of data would be a good policy to adopt, too.
Finally, when it comes to governance, a good cyber threat visibility and intelligence program is vital in completing a well-rounded cybersecurity strategy.
Ultimately, the increasing connectivity of our world means that the possibility of cyber threats will always be present. However, it is clear that the potential economic and social benefits that smart cities can bring to the table outweigh the risks, and nations should not be dissuaded from their smart city plans.
Through gaining accurate intelligence of where external threats lie, understanding them and implementing effective cybersecurity measures, cities will become not just smarter, but safer as well.