In a recent article, Smart cities around the world were exposed to simple hacks, CNET reports that security researchers from IBM and Threatcare have identified 17 new vulnerabilities in smart city systems used across the world. These vulnerabilities would have allowed cyberattackers to maliciously alter vital metropolitan systems that manage traffic signals and issue flood warnings.
In an effort to make cities more efficient and appealing places to live, municipal leaders around the world are investing in internet-connected systems that include distributed devices and sensors. These connected infrastructures detect fire alarms across Louisville, Kentucky, detect floods in Argentina, control streetlights in France, and monitor traffic in Massachusetts.
While these technologies can improve city life, vulnerabilities in connected infrastructures can affect and possibly endanger millions of residents. To compromise these systems, attackers only need to uncover and infect an unprotected network, device or sensor. And the challenge for security teams increases as the number of devices and interconnected systems grows.
Unfortunately, current centralized IT security models are not designed to protect the number and variety of devices and applications in the field that comprise connected infrastructures, especially since these assets are often owned by multiple entities now sharing the same common network or networks.
To defend against infrastructure cyberattacks, municipal IT teams need a security technology that provides decentralized identity and access management to authenticate users and control their access with a consistent approach across multiple organizations, various networks and types of devices.
By adopting decentralized security technologies, municipal IT organizations can easily tamperproof, protect, and track all infrastructure, apps and interactions to ensure trust and integrity. These decentralized security technologies can help protect residents by managing user, device, and application identities, passwords, credentials, and access control policies with a single platform across distributed assets and applications from multiple vendors and organizations. Decentralized architectures also eliminate any single points of failure or compromise with protection getting stronger with more devices and applications added.