Czechpoin

And as the current coronavirus age shows, technology can play a vital role, whether we are talking about work, play, or everyday life. However, new technologies go hand in hand with risks and cyber threats. However, this is no reason to get out of the way and try to become the city or village of the future. All you must do is consider potential vulnerabilities and implement security and protection right from the start of each project. In short, cybersecurity must be an integral and natural part of smart cities from the design stage.

In recent years, we have seen an increase in cyberattacks in connection with the expansion of IoT and other technologies into urban infrastructures. Attackers adapt to trends and adjust their strategies and look for weaknesses, whether in the normal world or in the cyber world. Unfortunately, many of the attacks are successful, but that does not mean that the cities are defenceless and there is no protection. Many of them still underestimate the risks and by doing mistakes make the potential attackers successful. Alternatively, security is addressed only afterwards and therefore does not meet the given needs, or it is even a mess of individual, often ad-hoc and separate solutions without an overall vision.

For example, ransomware attacks on cities and urban infrastructures are on the rise around the world. The cost of repairing damage is millions of dollars, and outages of medical, security, police or fi re services can end in tragedy. Frankfurt, one of the largest fi nancial centres in the world and the seat of the European Central Bank, has not recently attacked. After a wave of cyber-attacks, Frankfurt even had to disconnect its network from the Internet to prevent further damage.

The volume of ransomware attacks is relatively low, but their severity is all the higher. Criminals carefully identify goals and sometimes follow weeks or months and consider a follow-up strategy to maximize profi ts. This is one of the reasons why we are increasingly encountering double blackmail, where attackers encrypt critical systems, demand payment of a ransom for making them available again, and at the same time threaten to publish stolen information. The aim is to paralyze the victim so that he/she has no choice. And cities are a lucrative target because they cannot aff ord the outage of critical services, whether in healthcare, transportation, or gas, water, or electricity supplies.

The key to protecting smart urban systems is to think comprehensively and consider all factors. Complete security of complex industrial control (ICS) and SCADA systems requires the best care without compromise. Targeted attacks on critical infrastructure and ICS systems increased by as much as 2,000% during 2019, and the coronavirus pandemic adds to extortion and other attacks. From a variety of movies and games, we know fi ctional scenarios where hackers take control of smart buildings, lighting, or traffi c management systems, and so on. But it has not been fi ction for a long time and there is a real threat of similar situations. Each system is secured only as secure is the weakest link.

What to require from such security? The emphasis is on preventive technologies that stop threats before they can cause any damage. The equipment must allow segmentation and separation of information (IT) and operational technologies (OT). Flexibility and adaptation to load fl uctuations are also required. The simplicity of deployment and intuitive and clear remote administration with absolute visibility of all threats and risks, as well as compliance with various laws and regulations (regulatory compliance) should be a matter of course. However, you can have the best hardware and software, but it will only protect you if it works properly and without downtime. So other criteria need to be considered. How will the device respond to extreme cold or heat, withstand vibrations and be immune to electromagnetic interference? The cybernetic world is not separated from the physical and it is necessary to look at things comprehensively. If attackers disabled security by some mechanical means, they would have more access to virtual data.

It is also important to hear warnings about threats related to the growth of IoT and the development of 5G networks, which will bring a signifi cant increase in data volumes. Although cities will have the necessary information from the connected smart devices and sensors, with which it is possible to continue working, but in health care, for example, there is a risk of their misuse. Similarly, we can talk about smart cars connected to smart city systems and other technologies. In short, the growing volume of personal data and information needs to be protected from theft and misuse. So-called micro-pilots, which will check all data within each device and communicate with the security system, can help signifi cantly in these areas.

And speaking of smart cities and smart technologies, the attackers are not idle and trying to take advantage of artifi cial intelligence to identify vulnerabilities and create even more sophisticated threats. If cities want to be smart, they also must be smart about security.

# Daniel Šafář, Country Manager CZR, Check Point Software Technologies