Skip to main content
close search
site logo
Dive Brief

IBM, Threatcare uncover vulnerabilities of smart city tech

Published Aug. 10, 2018
Katie Pyzyk's headshot
Katie Pyzyk Contributor
Adobe Stock

Dive Brief:

  • Researchers with IBM and Threatcare released a study showing multiple areas in which smart city devices are vulnerable to hacking and cyberattacks, which offers attackers the opportunity to cause widespread public panic.
  • The team uncovered 17 specific vulnerabilities when they examined four smart city systems from three different vendors. Eight of the flaws hold critical severity. The vulnerabilities leave cities open to false attacks meant to cause panic or real attacks such as flooding, radiation, gunshot reports or transportation and transit system gridlock.
  • All device vendors quickly issued patches and software updates when the researchers informed them of the flaws. 

Dive Insight:

This research raises the question of whether manufacturers are spending enough time on system security. The smart city space still is very much an emerging market and often developers and manufacturers race to be the first to get a product to market. But in such competitions, important details sometimes can fall to the wayside, even to the extent of producing catastrophic failures. A case could be made that the deadly Uber autonomous vehicle (AV) accident in Arizona might fall into this category.

Likewise, cities often scramble to be the first to implement technologies that could garner recognition, in addition to positive resident reactions, and they might not adequately research, confirm or understand security details. Granted, local governments aren't necessarily experts in all aspects of the tech field or in exactly what questions to ask about device security, which is why they enlist help from third-party vendors in the first place. And in the end, city employees can ask all the right questions but they still have to put their trust in a vendor's assurances that the system is secure. 

The study specifically named the scare in Hawaii earlier this year when an emergency alert was sent to citizens' phones indicating an imminent missile attack. Although the alert and ensuing panic in Hawaii was caused by human error, it's an example of the type of chaos that could result from a smart system hack.

Although on a different scale and due to slightly different causes, Atlanta experienced its own chaotic digital event this spring when the city found itself the victim of a ransomware attack. It crippled the municipal computer system and created outages for both internal- and external-facing operations. The attack rendered residents unable to access certain information like court records or carry out some functions like bill payments, in addition to affecting internal systems like wiping out years worth of police dashcam videos.

Around the same time, Baltimore's 911 system was hacked. This is an example closer to the potential chaos described by the IBM and Threatcare researchers. 

This study might serve as a wake-up call for cities to increase their diligence with product research and not jump on a device or vendor bandwagon prematurely. Smart device vendors also might be moved to better design and test products before releasing them to market.

The researchers provided five recommendations for securing smart city systems, including implementing IP address restrictions and using application scanning tools to identify simple flaws.

Recommended Reading

Editors' picks

  • A photo illustration of Kamala Harris and Donald Trump shoulder to shoulder facing away from each other. The background is a purple wave with a grid gradient.
    Image attribution tooltip

    Photo illustration: Industry Dive; Joe Readle/Getty Images; Brandon Bell/Getty Images

    Image attribution tooltip

    How EV policy could be impacted by the election results

    Electric vehicle infrastructure projects, like charging stations, are likely to maintain support, even under another Trump presidency, one expert says. EV tax credits, however, could be on the chopping block.

    By Robert Walton • Nov. 4, 2024
  • Aerial view of vegetation on the roof of a large building.
    Image attribution tooltip
    hapabapa via Getty Images
    Image attribution tooltip

    How US cities are investing in green infrastructure

    The nation’s largest city is spending millions on porous pavement while communities in the Midwest are greening neglected alleys to mitigate flooding.

    By Ysabelle Kempe • Oct. 24, 2024

Company Announcements

View all | Post a press release

Want to share a company announcement with your peers?

Share your announcement

Editors' picks
  • A photo illustration of Kamala Harris and Donald Trump shoulder to shoulder facing away from each other. The background is a purple wave with a grid gradient.
    Image attribution tooltip

    Photo illustration: Industry Dive; Joe Readle/Getty Images; Brandon Bell/Getty Images

    Image attribution tooltip

    How EV policy could be impacted by the election results

    Electric vehicle infrastructure projects, like charging stations, are likely to maintain support, even under another Trump presidency, one expert says. EV tax credits, however, could be on the chopping block.

    By Robert Walton • Nov. 4, 2024
  • Aerial view of vegetation on the roof of a large building.
    Image attribution tooltip
    hapabapa via Getty Images
    Image attribution tooltip

    How US cities are investing in green infrastructure

    The nation’s largest city is spending millions on porous pavement while communities in the Midwest are greening neglected alleys to mitigate flooding.

    By Ysabelle Kempe • Oct. 24, 2024
Latest in Climate & Resilience
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell