By Mark Micallef, Vice President of Asia Pacific and Japan, Cloudera
What comes to your mind when you think of the term “smart city”? For me, it conjures an image of a city where everything is interconnected, enabling it to run efficiently and offer convenient, secure, and personalized services to its residents at the touch of their fingertips.
While such a city might sound like a utopian dream, it could potentially turn into a dystopian nightmare if we overlook the risks brought about by the rise of smart cities. Reflect back on the recent SingHealth breach in Singapore, in which non-medical personal data of 1.5 million patients– including that of Prime Minister Lee Hsien Loong’s – were stolen.
Although the hackers did not amend the compromised records, the stolen data – such as patients’ names, national identification numbers, and home addresses – could have been sold to the dark web. Armed with those personal data, cybercrooks could use them to illegally access a victim’s bank account or create a composite of the individual to commit offline crimes such as burglary, extortion, or fraud.
As for the Prime Minister’s stolen health records, they could be used to cause instability within the country. Cybercriminals could expose them to plant seeds of doubt on his ability to govern, if the records indicated that he was unwell.
The pitfalls of smart cities
According to American historian Melvin Kranzberg, “Technology is neither good nor bad; nor is it neutral.” Since this suggests that the impact of smart cities depends on the use of technology, it is crucial to prevent the misuse of digital tools and systems. To do so, we need to first understand why smart cities are vulnerable to attacks. Here’s my take on the top three reasons.
- IoT opens doors to threats
Frost & Sullivan estimates that Asia Pacific will spend US$59 billion on the Internet of Things (IoT) by 2020, up from the US$10.4 billion in 2014. The increase in spending is mostly fueled by the growth of smart city projects. Since most connected devices are not designed with security in mind and due to the fact that there is a lack of comprehensive IoT security standards today, the surge of connected devices means that there are more entry points for hackers.
- The rise of IoT malware
Realizing IoT devices’ weakness, cybercriminals have been developing more malware designed specifically to exploit those devices. Case in point: Kaspersky Lab found that IoT devices were attacked by more than 120,000 modifications of malware during the first half of this year.
One such malware is Okiru, a Mirai variant which was reported in January 2018 to be targeting ARC-based processors that are embedded in billions of connected devices. Hackers can use devices infected by Okiru as botnets to launch DDoS attacks or to spy, blackmail or steal from victims.
- Inability to manage the upcoming data deluge
By 2025, approximately 80 billion devices will be connected to the internet, creating 180 zettabytes of data, according to IDC. This massive volume of data makes it challenging for public sector agencies to store, secure, and analyze it. Moreover, if data is kept in silos, it hinders agencies from not only getting accurate insights in real time but also collaborating with others to respond to citizen needs quickly and more effectively.
Taking advantage of the blurred line between the online and offline worlds, criminals are also increasingly using digital tools as a means to perpetrate offline crimes. A recent report by Bromium revealed that globally, up to US$200 billion is laundered each year, with virtual currencies becoming the primary tool for such illegal activities.
Another example would be terrorists using social media to radicalize others or solicit funding. Earlier this year, the Malaysian police arrested more than 200 suspects for propagating extremist ideologies and recruiting members using Facebook, Twitter, and Instagram. Meanwhile, the Indonesian authorities have found that social media is increasingly being used in the country to raise funds for terror activities, due to the ease of opening an account with false identities.
Building the foundation of safe cities
Ensuring public safety is one of the core responsibilities of governments. Recognizing the potential dangers of smart cities, governments are making efforts to better protect their citizens from emerging threats. Frost & Sullivan forecasts global spending on technologies that enable safe cities to reach US$85 billion by 2020, 24 percent of which will come from Asia Pacific.
Since data fuels the growth of smart cities, it is crucial for governments to invest in data management and data security platforms, advanced analytics, and machine learning. These digital tools will allow them to:
- Effectively aggregate data from various systems and organizations to support multi-functional analytic applications
- Cost-effectively ingest, store and utilize data from all IoT devices
- Enable comprehensive data security, compliance, and governance for all of the data collected
- Drive real-time processing and analytics to IoT data – both in motion and at rest
- Analyze all data – be it at the edge, on cloud, on-prem or in a hybrid mode
- Accelerate exploratory data science at-scale and build machine learning models.
With these capabilities, governments will gain visibility into their data and are empowered to make insights-driven strategic decisions that can help improve the safety of their smart cities.
By eliminating data silos with the Cloudera Enterprise Data Hub platform, the agency ensured that all its departments have access to standardized and accurate data sets to analyze and make informed decisions.
As a smart city is essentially an ecosystem, it takes more than just the government’s involvement to secure a city. Some private organizations have taken the lead to play a part in enabling safety of their customers and cities in general cities. Singapore’s United Overseas Bank (UOB), for instance, is using machine learning to detect and identify suspicious money laundering activities more accurately and quickly, as compared to using existing rules-based anti-money laundering systems.
Another exemplary organization is Thorn, a non-profit organization that aims to end child sexual exploitation. With Cloudera Enterprise powering its data collection and analysis tool, Thorn can now run natural language processing and analytic algorithms on its data. This has helped the organization identify 2,025 child sex trafficking victims and 4,624 adult victims, as well as bring more than 2,249 traffickers to justice.
It is not surprising that enhancing public safety is one of the major drivers of smart city projects. Think about it: Would you want to live in a connected city that is fraught with crimes? To realize an intelligent city that is safe, governments will need a foundation that allows them to not only make more informed decisions but also work hand-in-hand with the private sector to identify and address risks effectively.