Ransomware is Putting Smart City Aspirations on Notice

Written by

Municipalities and cities are heavily investing in smart network infrastructure to create an advanced interconnected future for their citizens. According to Grand View Research, smart city market size is estimated to reach $237 billion by 2025.

However, the recent and relentless ransomware attacks on small governments place a large asterisk next to these ambitions, as interconnectivity at such a large scale would likely lead to these attacks growing in danger and becoming increasingly financially draining.

Many cities and smart tech providers are sitting in “pilot purgatory” as a result, unable to go to market with solutions due to a lack of adequate cybersecurity to protect the added vulnerabilities related to these innovations.

Ransomware was initially a private sector issue, but last year burgeoned in the public sector as well. For example, the city of Baltimore was hit in 2019 with a minor ransomware attack demanding 13 bitcoins. With the support and influence of the FBI, the city chose not to pay the ransom. However, they spent nearly $18 million to repair the damage, which was far more than the ransom demand itself. At least 966 government agencies and healthcare institutions experienced attacks last year, according to research by Emsisoft, with the estimated total cost exceeding $7.5 billion.

In just the last couple of months, U.S. cities have experienced a slew of cyber attacks including New Orleans, Pensacola, Florida, Galt, California and more. Even New Orleans, a city that was comparatively well-equipped to handle cyber attacks, continues to deal with an attack that has cost an estimated $7 million in damages and shut down all of City Hall’s operations including the system to pay property taxes.

Governments have become a target of choice for ransomware attacks, and as new attack vectors emerge through the interconnectivity and scale of smart networks, this trend will likely accelerate.

Municipalities lack the budget to monitor and defend the attacks

Smart cities promise interconnectivity to improve everything from traffic congestion, city maintenance, energy efficiency, public safety and more. At face value, this may sound ideal, but behind the scenes, they’re building complexities that may outpace the capability of these cities to monitor and protect sensitive data and critical infrastructure. Examples include the addition of exabytes of data to the network, and many additional layers, such as massive IoT sensor deployments used to track data in real-time.

Current cybersecurity solutions are not able to cost-effectively scale in order to fully monitor the burgeoning networks. Small governments with limited budgets are especially vulnerable to bad actors. In fact, the U.S. Senate unanimously passed the State and Local Government Cybersecurity Act in November 2019: its aim is to create new grants and other programs designed to help states and localities with their cybersecurity efforts, especially those that have been struggling to fend off ransomware attacks and other threats.

This might eventually be enough to help them stave off attacks in current networks but not as they blossom into smart networks and connect with new systems and applications.

Ransomware “rules of engagement” will become more sophisticated in smart networks

In general, ransomware tends to be an attack that focuses on shutting down systems to halt access and operations, but it’s only because the attackers have chosen to set these parameters. Interconnectivity in smart networks will allow bad actors to gain access to more critical data and operations than ever before.

If malware enters a system, such as city hall, it can also potentially gain access to the energy grid, police stations, or smart traffic cameras. It empowers criminals to hold more data hostage and raise the stakes even further, while also increasing the threat to citizens’ lives.

There have already been recent examples of new evolving twists compared to traditional ransom demands. Maze Ransomware, the self-proclaimed attackers of the recent Pensacola, Florida attack, mentioned during a BleepingComputer interview that they have stolen and encrypted data that they threatened to leak should their $1M ransom demand not be met.

It isn’t hard to imagine how complex and dangerous demands could become if these same bad actors gained access to wider network information in smart network systems including election records, crime information, traffic pattern data and energy grids.

Cities must lean on AI to defend against ransomware

Cybersecurity solutions and malicious actors are always on a competitive battleground to use the latest technology to gain an upper hand. Artificial Intelligence has become that next arms race in cyber warfare, as networks simply become too large to appropriately monitor and protect with existing technologies.

Although machine learning-based cyber attacks are still rudimentary, they still can be devastatingly effective. Municipalities must act to deter these innovative cyber attacks now, before even more sophisticated machine-learning methods evolve.

Cybersecurity solutions that aren’t rooted in AI simply cannot monitor and defend expansive smart networks, nor can their defenses scale at a rate to keep pace with network growth. A solution to this critical dilemma comes through a new breed of machine learning that allows security officers to monitor a small percentage of data traffic at different layers of the network, to predict and assess all network traffic, then locate and remediate anomalies.

As cities become increasingly interconnected, there will always be a double-edged sword to innovation. On the one hand, the use of networks and data can improve the quality of life, but on the other hand introduce new threats that pose increasingly dangerous outcomes.

Innovation without adequate security is a slippery slope that will lead to undesirable outcomes. Until municipalities take significant steps to surpass the technology being deployed by their cyber enemies, it’s reckless to develop and implement smart infrastructure.  

What’s hot on Infosecurity Magazine?