The internet of things (IoT) is key to smart cities in order to make them more intelligent, efficient and sustainable. However, digital security investments in smart cities are struggling to keep pace, leaving the potential for future vulnerabilities to the IoT ecosystem, according to a new report from ABI Research.
Smart city security spending coming from financial, information and communication technologies (ICT) and defense industries will account for 56% of the projected $135 billion in total cybersecurity critical infrastructure in 2024, ABI Research forecasts. The remaining 44% of the spending will be split between energy, healthcare, public security, transport, and water and waste sectors. This spending will leave IoT woefully underfunded and vulnerable to cyberattacks.
Smart cities use a network of devices and technologies to enable intelligent energy, utilities, water and wastage, parking and automotive, industrial and manufacturing, building automation, e-government and telemedicine, surveillance and public safety.
“Smart cities are increasingly under attack by a variety of threats,” said Dimitrios Pavlakis, industry analyst at ABI Research. “These include sophisticated cyberattacks on critical infrastructure, bringing industrial control systems (ICS) to a grinding halt, abusing low-power wide-area networks (LPWAN) and device communication hijacking, system lockdown threats caused by ransomware, manipulation of sensor data to cause widespread panic and siphoning citizen, healthcare, consumer data, and personally identifiable information (PII), among many others.
There will be about 1.3 billion wide-area network smart city connections by 2024 with 50% of those connections expected to be LPWA-LTE and LPWA proprietary, ABI Research said.
But these connections lack cryptographic measures and include poor encryption key management, non-existent secure device onboarding services, weaponized machine learning technologies, poor understanding of social engineering and lack of protection versus distributed denial of service (DDoS) attacks. This lack of investment in digital security is contributing to the amplification of cyber-threats in smart city ecosystems, Pavlakis said.