Skip to main content

Today, hacks are annoying. In future smart cities, they could kill

Image used with permission by copyright holder

Lax computer security is something everybody complains about, but no one does anything to fix it. Witness the egregious examples of security lapses ranging from Equifax to Yahoo that have compromised the personal data of billions of people.

But that lackadaisical attitude toward cybersecurity is going to have to change if smart cities are going to succeed. As more of a city’s physical infrastructure relies on connected services to control everything from traffic lights to the power grid, the more vulnerable it potentially becomes—and the more dangerous it becomes for citizens walking its streets.

Cities across the globe are installing technology to gather data in the hopes of saving money, becoming cleaner, reducing traffic, and improving urban life. In Digital Trends’ Smart Cities series, we’ll examine how smart cities deal with everything from energy management, to disaster preparedness, to public safety, and what it all means for you.

Until now, the compromised security at businesses like Dunkin’ Donuts, Marriott’s SPG loyalty program, and Quora has been, for many people, a mere annoyance. True, the breach at Marriott involved as many as 500 million customers and their passport information, a costly mistake that could run into billions of dollars if the documents have to be replaced. But in general, cyber fraud and identity theft has become an accepted cost of the convenience of leading a digital life.

However, such security mistakes could prove fatal in smart cities of the future where everything from public transportation to water filtration systems rely on the integrity of a municipality’s cyber connections.

Perhaps nowhere is the threat more keenly perceived than in the nexus between self-driving vehicles and a city’s traffic infrastructure. What would happen, security researchers worry, if such communications were interrupted or, even worse, falsified? Could cars and buses be sent careening at each other at full speed or remotely directed to speed over sidewalks into pedestrians and buildings?

Argus Cyber Security

Fortunately, several security focused companies, such as Argus and Upstream, have been working for some time in the connected car space, trying to button down automotive systems. Argus demonstrated some of the vulnerabilities to Digital Trends by using a known hack to remotely turn on a Jeep’s headlights, windshield wipers, and even brake the car while this reporter was driving the vehicle. It’s an unnerving experience, to say the least. But imagine hundreds of cars all being remotely controlled by digital pirates looking to cause citywide mayhem.

Lackadaisical attitude toward cybersecurity is going to have to change if smart cities are going to succeed.

Such scenarios are the stuff of engineers’ nightmares. So automakers have been building out their own security operation centers, anticipating the connected future. Major parts suppliers have also been expanding their offerings. (German auto systems company Continental acquired Argus, for example.) In general, such security work has focused on watching for nefarious communications with cars, anticipating hacks before an incursion can occur.
But beyond self-driving cars, smart cities require a broader approach.

So last month BlackBerry announced it was going to make a security credential management system (SCMS) freely available to cities and automakers working on smart city projects. The idea: use a public key-based certificate system to authenticate transmitted instructions and information between transportation systems and the municipal infrastructure. It would ensure, for example, that a message from the city’s traffic system that a light ahead was turning red was genuine, so that self-driving cars would stop in time. Conversely, an ambulance could turn lights ahead green and send warnings to other vehicles on the road. Such vehicle-to-infrastructure and vehicle-to-vehicle (V2X) communications need to be virtually instantaneous and reliable to ensure safety.

Jim Alfred, the head of BlackBerry’s Certicom product group, told Digital Trends during a press conference that such certificates would be generated on the fly, so that they couldn’t be spoofed or faked. Furthermore, the cloud-based approach would be fast enough to accommodate the needs of such V2X systems, including alerts about accidents or sudden changes in road conditions ahead.

BlackBerry, which has arguably more experience with in-car systems via its QNX division than any other company, also said that the communications between vehicle and infrastructure would remain anonymized to maintain privacy. The initial tests of the company’s system will take place early this year in coordination with the Invest Ottawa development program and its supported 10-mile autonomous vehicle test track in Canada’s capital.

Ottawa's Autonomous Vehicle Ecosystem
Ottawa’s Autonomous Vehicle Ecosystem Invest Ottawa

[Toronto wants to get smart, but citizens are concerned about privacy.]
The need for such a secure communications system has been noted by the U.S. Department of Transportation, but no standard has yet been proposed. That means municipal governments are on their own when it comes to ensuring the reliability and safety of such systems.

Further underscoring the issue, cybersecurity is a moving target. As new services like smart city integration come online, it opens up new attack vectors and more opportunities for new hacking techniques. Mozilla, for example, recently noted the lack of security on popular drones from DJI and Parrot, a concern as cities look to such unmanned aircraft to assist first responders and law enforcement–never mind the kind of disruptions caused by rogue drones at London’s Gatwick airport. And as has been painfully demonstrated over the past couple of years, larger companies have been unable to stay ahead of such threats on their own. So many businesses and governments are looking to smaller security startups for help.

In New York City, a new Global Cyber Center is being created for just such a purpose under the direction of the New York City Economic Development Corporation. Last fall, the city selected the Israeli firm, SOSA, to establish and manage the center, which will bring together venture capitalists, security startups, and Fortune 500 companies seeking solutions to tomorrow’s digital threats.

“The biggest worry is about autonomous vehicles where one single hack can go global,” Uzi Scheffer, SOSA’s CEO, told Digital Trends. He said the fact that New York is also a global financial center makes it an even more attractive target for hackers.

“The biggest worry is about autonomous vehicles where one single hack can go global.”

SOSA expects the 15,000-square-foot Global Cyber Center will open in Manhattan’s Chelsea neighborhood by the spring. It’s intended to be a launching pad for new security initiatives that larger corporate and municipal clients can tap into. But it’s also going to take a significant amount of money: $30 million from the city and a reported $70 million from private partners.

Obviously, not every municipality can attract such substantial investments or afford such vertically oriented technology initiatives. Hence, the need for a security standard is rapidly becoming one of the more pressing problems for smart cities looking to integrate intelligent systems. Whether we’ll see the adoption of such an industry standard or see a service like that from Blackberry become a de facto standard for cities to build on, remains to be seen.

Editors' Recommendations

John R. Quain
John R. Quain writes for The New York Times, Men's Journal, and several other publications. He is also the personal…
Digital Trends’ Top Tech of CES 2023 Awards
Best of CES 2023 Awards Our Top Tech from the Show Feature

Let there be no doubt: CES isn’t just alive in 2023; it’s thriving. Take one glance at the taxi gridlock outside the Las Vegas Convention Center and it’s evident that two quiet COVID years didn’t kill the world’s desire for an overcrowded in-person tech extravaganza -- they just built up a ravenous demand.

From VR to AI, eVTOLs and QD-OLED, the acronyms were flying and fresh technologies populated every corner of the show floor, and even the parking lot. So naturally, we poked, prodded, and tried on everything we could. They weren’t all revolutionary. But they didn’t have to be. We’ve watched enough waves of “game-changing” technologies that never quite arrive to know that sometimes it’s the little tweaks that really count.

Read more
Digital Trends’ Tech For Change CES 2023 Awards
Digital Trends CES 2023 Tech For Change Award Winners Feature

CES is more than just a neon-drenched show-and-tell session for the world’s biggest tech manufacturers. More and more, it’s also a place where companies showcase innovations that could truly make the world a better place — and at CES 2023, this type of tech was on full display. We saw everything from accessibility-minded PS5 controllers to pedal-powered smart desks. But of all the amazing innovations on display this year, these three impressed us the most:

Samsung's Relumino Mode
Across the globe, roughly 300 million people suffer from moderate to severe vision loss, and generally speaking, most TVs don’t take that into account. So in an effort to make television more accessible and enjoyable for those millions of people suffering from impaired vision, Samsung is adding a new picture mode to many of its new TVs.
[CES 2023] Relumino Mode: Innovation for every need | Samsung
Relumino Mode, as it’s called, works by adding a bunch of different visual filters to the picture simultaneously. Outlines of people and objects on screen are highlighted, the contrast and brightness of the overall picture are cranked up, and extra sharpness is applied to everything. The resulting video would likely look strange to people with normal vision, but for folks with low vision, it should look clearer and closer to "normal" than it otherwise would.
Excitingly, since Relumino Mode is ultimately just a clever software trick, this technology could theoretically be pushed out via a software update and installed on millions of existing Samsung TVs -- not just new and recently purchased ones.

Read more
AI turned Breaking Bad into an anime — and it’s terrifying
Split image of Breaking Bad anime characters.

These days, it seems like there's nothing AI programs can't do. Thanks to advancements in artificial intelligence, deepfakes have done digital "face-offs" with Hollywood celebrities in films and TV shows, VFX artists can de-age actors almost instantly, and ChatGPT has learned how to write big-budget screenplays in the blink of an eye. Pretty soon, AI will probably decide who wins at the Oscars.

Within the past year, AI has also been used to generate beautiful works of art in seconds, creating a viral new trend and causing a boon for fan artists everywhere. TikTok user @cyborgism recently broke the internet by posting a clip featuring many AI-generated pictures of Breaking Bad. The theme here is that the characters are depicted as anime characters straight out of the 1980s, and the result is concerning to say the least. Depending on your viewpoint, Breaking Bad AI (my unofficial name for it) shows how technology can either threaten the integrity of original works of art or nurture artistic expression.
What if AI created Breaking Bad as a 1980s anime?
Playing over Metro Boomin's rap remix of the famous "I am the one who knocks" monologue, the video features images of the cast that range from shockingly realistic to full-on exaggerated. The clip currently has over 65,000 likes on TikTok alone, and many other users have shared their thoughts on the art. One user wrote, "Regardless of the repercussions on the entertainment industry, I can't wait for AI to be advanced enough to animate the whole show like this."

Read more