CISA releases cybersecurity best practices for smart cities

A new report (direct PDF report link) by the Cybersecurity and Infrastructure Security Agency (CISA) identified a number of cybersecurity risks associated with smart cities. Smart cities are especially vulnerable to “expanded and interconnected attack surfaces; information and communications technologies (ICT) supply chain risks; and increasing automation of infrastructure operations,” according to CISA.

The new best practices guide was produced in cooperation with the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), the United Kingdom National Cyber Security Centre (NCSC-UK), the Australian Cybersecurity Centre (ACSC), the Canadian Centre for Cyber Security (CCCS), and the New Zealand National Cyber Security Centre (NCSC-NZ).

Additional smart city risks identified include:

  • Data breaches: Smart cities collect a vast amount of data, including personal information about citizens, traffic patterns, and infrastructure data. This data is a valuable target for cybercriminals
  • Denial-of-service attacks: Cybercriminals could launch denial-of-service attacks against smart city systems, disrupting critical services such as traffic lights and water management systems
  • Malware attacks: Cybercriminals could install malware on smart city devices, giving them control over these devices
  • Supply chain attacks: Cybercriminals could attack the supply chain of smart city devices, inserting malware or backdoors into these devices

Smart cities are especially vulnerable to cyberattacks because their devices are often continuously connected to the internet and may not use encrypted protocols, which makes them easier to hack. Additionally, smart city devices often run outdated or unpatched software, which can leave them vulnerable to attack.

To mitigate these risks, CISA recommends that smart city operators implement a number of cybersecurity best practices, including:

  • Secure network segmentation for device types
  • Implementing strong security measures, such as firewalls, intrusion detection systems, and encryption
  • Conducting regular security audits
  • Training employees on cybersecurity best practices
  • Partnering with cybersecurity experts
  • Secure planning and design
  • Proactive supply chain risk management
  • Architecting for operational resilience

Video: Understanding Indicators of Compromise for Incident Response, a CISA webinar on using indicators of compromise (IOC) for incident response. (Source: CISA)

By implementing these and other best practices in the report, CISA believes smart city operators can better protect their cities and citizens from cyberattacks.

Smart city cybersecurity is crucial, as failure to properly secure connected infrastructure could impact national security, economic security, public health and safety, and critical infrastructure operations.

To mitigate these risks, smart city operators need to take a comprehensive approach to cybersecurity. This includes implementing strong security measures, conducting regular security audits, training employees on cybersecurity best practices, and partnering with cybersecurity experts. By taking these steps, smart city operators can help to protect their cities from cyberattacks.

The full report is available now on CISA’s website.

Critical infrastructure cyberattacks are increasing

Critical infrastructure attacks are increasingly becoming a reality across the world. On the low end of severity, hacking groups such as Killnet are aggressively targeting US airport websites in distributed denial-of-service attacks.

On the opposite end of the spectrum, Russian state-backed hackers have relentlessly targeted Ukrainian critical infrastructure in cyberattacks. North Korean state-backed hackers have also disrupted the software supply chain, using trojanized installers for the 3CX and X_Trader software to target US and European critical infrastructure users of the software.

