At a recent infrastructure conclave, a senior official of Niti Aayog was counting on the numerous ‘smart features’ of Delhi, when he was interrupted by a woman delegate. “With all the initiatives, is it safe to walk for a women alone in the street after 10 pm at night? If not what is the use of it for us,” asked the delegate, leaving everybody uneasy in the room.
The criticism was not unwarranted. As the government is working to create 100 smart cities, there are some uncomfortable questions that needs to be answered by the authorities. What will happen when there is a sudden terror at-tack? Are our cities prepared to face natural calamity and disaster? Is our police system well-equipped to handle cyber security threats? Is it safe for a woman to walk alone in city streets? Are tourists and migrants feeling threatened in the city? Who is responsible when a smart city crashes? How well prepared is the city administration to respond to any kind of emergency situation. These are the questions that require detailed scrutiny before we move towards creating smart cities.
City Surveillance
One of the main ingredients for safety is city surveillance. Our cities are vulnerable to multiple risks of terror attack, increasing crime rates, rising incidents of crime against women and various communal clashes and social unrest. According to Anand Navani, country manager, Verint Systems, a company providing video intelligence solutions “technology can be a key enabler in making our cities safe. Modernization of police force and enabling them to have access to latest technologies will go a long way to increase the efficiency of the whole system in a smart city,” says Navani.
Verint Systems has collaborated with Surat, Pune and Mumbai. “All of these projects aim at providing CCTV coverage at critical points across the city with trained officials stationed at a centralized command control center to view and analyse data collected. Then they can implement and analysed on a real time basis, not only to punish criminals but also to prevent future crime,” says Navani.
According to a report ‘Role of Surveillance in Securing Cities’, released by the Smart Cities Council, “Indian video surveillance industry is expected to grow at 13 per cent from 2016-2022. Apart from Mumbai, other cities like Pune and Surat, Nagpur, Bhubaneswar and Jaipur are already installing CCTV camera for effective city surveillance and are adopting a command and control system. However, security experts claim that just installing cameras is not enough. The cities still has a long way to go, so far security planning is concerned. There is still no coherent blueprint for surveillance and there is lack of unified vision for the emergency response system in case of any possible threat. Cities require smart analytics which can be used to get the real time data to give timely warning to the concerned authorities.
“Cities have a shortage of workers with security skills as well as inadequate budgets, training, and re-sources to help workers develop these skills. And in-vesting in security is a money well spent. Private investors will invest only when the city is safe. A safe city in itself is an important parameter of investor’s confidence for long term,” Nanvani added.
Internet of (Insecure) Things
While technology can be used to safeguard our cities, technology itself can create a security nightmare. The fact that everything from traffic lights to public trans-port, from power plants to water supply go on the internet, there is a catastrophic risk. For example, two months back someone used mobile phone to run porn clips on the display board at Rajiv Chowk metro station. The incident may seem like a work of some bored mind but hackers will find any vulnerability to tap into and the risk can be greater. In 2008, a 14-year-old Polish student hacked into the Lodz tram system with a modified TV re-mote and derailed four trams and injured 12 people. An-other example was when Ukraine suffered power cuts during Christmas in 2015, following a series of cyber at-tacks on three local energy companies. The hackers were suspected to be from Russia and their identity remains unclear. Another serious example is when hackers infected 70 percent of storage devices that record data from D.C. police surveillance cameras, eight days before President Trump’s inauguration, forcing major citywide re-installation efforts. The ransomware attack left police cameras unable to record between Jan. 12 and Jan. 15 and affected 123 of 187 network video recorders in a closed-circuit TV system for public spaces across the city. Such incidents can have serious political implications, especially when the hacker is from a rival nation. This makes for an instructive case study illustrating the multifaceted nature of today’s cyber attacks, and the vulnerability of organisations and cities. Even a hacked traffic control system can turn the city into chaos. Cities across the world are facing such attacks.
Need of a Social Vision
Law and surveillance itself is not enough. What is required is a strict law enforcement along with technology, even nature of crime is changing and getting digital. Thieves can walk away with an ATM’s stash by just using a laptop, some wiring and a hole in the ATM and such incidents are already happening across Russia and Europe. Connected devices and internet has exposed the city infrastructure and services to new set of security threats which are lurking in the cyberspace, right from international hackers and terrorist organizations.
A report out by Cyber Security Ventures predicts that global annual cyber crime costs will grow to $6 trillion by 2021 which includes destruction and theft of data, stolen money, lost productivity, theft of intellectual property, fraud and damage of infrastructure data. One of the most notorious cases is the distributed denial of service (DDoS) attack on DNS services supplier Dyn last October that hijacked IoT devices to temporarily shutting down popular web services, including AirBnB, Amazon Web Services, Netflix and Zendesk. The recent ransomware attack which affected 123 countries including India, just exposed our vulnerability and stakes are higher.
Hackers can tamper with traffic control systems, smart street lighting, city management systems that control work orders or other facilities, public transportation, cameras, smart grids, wireless sensors that control waste and water management or mobile and cloud networks. According to a report from Cesar Cerrudo, chief technology officer of the Seattle based security company IOActive Labs and cyber security expert.
This all may look at a remote possibility but the vulnerability cannot be ruled out. Imagine a situation in which hackers take out the smart grid and demand a ransom in return for restoring power or stop our water supply. Last year, a Chinese hacking group was caught infiltrating a water control system for a US municipality.
“Security problems in cities are real and are current. Cities and governments around the world have to get their act together. Governments are not enforcing cyber security in many ways. Vendors don’t have any reason to provide more secure solutions because governments do not test the security. They just have a checklist and believe whatever the vendors say,” Cerrudo added.
Globally Governments are investing in technology to protect the cities from such high tech threats. For Example, Australian Government announced the launch of its AU$730 million “Next Generation” Technologies Fund to incubate “creative solutions” to protect the nation from new threats. India also requires to invest in future technology as our cities are going online. We have to ensure that our infrastructure is safeguarded against the possible threat. Cities need cyber security leadership to do vulnerability assessment and incident response planning. Lack of security standards for the vendors are exposing our city infrastructure and public services to huge security risk.
The Smart city concept note highlights a smart grid to be resilient to cyber attacks and the government has already proposed a National Cyber Coordination Center. Some initiatives are taken in this direction. National Cyber Safety and Security Standards have been started with a vision to safeguard the nation from the current threats in the cyber-space, and to prevent cyber crimes.
The Way Out
A strict law enforcement along with heightened social awareness and sensitizing citizens is the need of the hour and it involves a political vision and will. Combative policies are neither sufficient nor appropriate for responding to all threats and vulnerabilities, for example the problem of Naxalite or separatist movement in
Kashmir and North-East require fresh socio-economic approach to respond to crime and militancy. Security audit is a must. For safer cities, every stakeholder, which includes many Government departments, police, emergency response system and citizens must work in sync. Cities need to develop emergency plans that provide step-by-step procedures to follow during a natural disaster, a terror attack and need to educate people on how to react. Fast and effective action can be a key to preventing bigger problems, including citywide chaos, social unrest and an effective and alert policing system. Without this smart cities will turn dumb in the course of time.