As more municipalities invest in internet-connected “smart city” technology to improve services and infrastructure, they also increase their community’s risk of exposure to cyberattacks. However, a survey of cybersecurity experts by University of California, Berkeley researchers found that not all technologies pose the same level of risk. The study looked at common smart technologies used for water and sanitation, security and policing, and transportation, ranking them on technical vulnerability, potential impact and attractiveness to hackers. The most vulnerable technologies were emergency and security alert systems, street video surveillance systems, and smart traffic lights and signals. The least vulnerable tools were smart waste and recycling bins as well as satellite water leakage detection technology.
In profiling threat actors, the study noted the most effective would likely be nation-states and insiders, rather than thrill-seekers, cybercriminals and hacktivists. The researchers advised, “Local officials should therefore consider whether cyberrisks outweigh the potential gains of technology adoption on a case-by-case basis, and exercise particular caution when technologies are both vulnerable in technical terms and constitute attractive targets to capable potential attackers because the impacts of an attack are likely to be great.”