At a time when the FCC has taken a renewed interest in beefing up emergency alerting and limiting false alarms in the United States, a new report says cybersecurity professionals believe digital systems used to deliver localized emergency alerts are a top threat to so-called smart city technologies.
The term “smart city” is often used to describe deployment of, among other things, information and communication technologies to improve infrastructure and city services. Critics of smart city technologies point to potential threats posed when local jurisdictions adopt various digital systems.
Emergency and security alert systems, street video surveillance, and smart traffic lights, were ranked as significantly more vulnerable to cyberattacks, according to a survey of cybersecurity experts conducted by a think tank at the University of California, Berkeley.
The school’s Center for Long-Term Cybersecurity (CLTC) asked 76 cybersecurity experts in late 2020 to compare the respective risks of cyberattacks against various connected digital systems and the potential impact of successful attacks if they do occur.
The survey ranked emergency and security alert systems that give critical guidance to the public during times of distress as most vulnerable. “Ten of the 76 respondents described how spoofed emergency alerts could cause widespread panic and civil unrest,” according to the report.
Other survey respondents noted the risk of hackers tampering with traffic lights that could cause accidents and gridlock and possibly prevent police, firefighters and ambulances from reaching emergency scenes.
IT security is seen as critical to those smart city technologies, according to the think tank’s white paper. It acknowledges critics who argue “introducing new technologies that increase the connectedness of service delivery systems and government operations with the internet can expose local communities to cyberattacks by a variety of malicious actors.”
The research project was authored by Karen Trapenberg Frick, associate professor in the Department of City and Regional Planning at UC Berkeley, and Alison E. Post, associate professor of Political Science and Global Metropolitan Studies at UC Berkeley, along with several doctoral candidates.
“Our survey results indicate that smart city technologies are not created equally when it comes to cyber-risk. Cybersecurity experts judged emergency and security alerts, smart traffic signals, and video surveillance to be much riskier than many others,” the white paper concluded.
The cybersecurity experts participating in the survey were recruited from academia, government and private industry. The group was also asked to rank the risk of nine smart city technologies, including water consumption tracking, smart tolling, gunshot detection, smart waste and water leak detection.
The authors suggest resources are available for local officials concerned about IT security of their digital systems, including training programs available through the U.S. Department of Homeland Security.
The FCC recently issued a Notice of Inquiry (NOI) to explore the potential of internet-based EAS alerts, including audio and video streaming services, and whether such a system would have merit or even be feasible.