Could smart city malware be spread via motorways and highways?

The future of the smart city: the infrastructure demands at play, transportation, the role of data and the very real threat of malware

Could smart-city malware be spread via motorways and highways?

Smart-city networks are sliced and comprised of multiple virtual interfaces. This means that the infrastructure operates as a distributed service. Multiple service providers can use the same cloud, but are isolated and orchestrated

Let’s start with a non-technology related analogy.

Over the last twenty years the increasing number of cars on our motorways/highways has caused a surprising environmental problem. Cars driving at speed create a wind-tunnel effect, which in turn can pick up seeds and spores from plants, spreading them to places where they would normally not have grown. In one British case, a seaside plant which used to be native to coastal areas is now commonplace on motorway central reservations up to 100 miles inland.

Now, let’s consider smart-cities (and please bear with me, all will become clear). These are the ultimate combination of information and communication, combined with IoT to manage assets within a city.

>See also: Evolution of the Internet of Unnecessary Things

It is estimated that by 2030, six out of 10 people will live in a smart-city, making infrastructure and technology demands anytime and anywhere, as well as seamless access, as they move around (which incidentally also fits nicely with Juniper’s vision of Digital Cohesion).

A critical smart-city component is transportation; sharing data inside and between cities to improve traffic flows (people and vehicles), provide on-demand public transport and enable road enforcement (for example: pay as you drive).

Broaden this out and it becomes clear that this data cannot just be shared inside a single smart-city, but also needs to be available for movement of people and resources between cities.

This is where our earlier analogy becomes relevant, but instead of depositing spores that grow into plants along a motorway, connected-cars are collecting and transporting data to share between cities.

Cars will become smart enough (whether by design, or by adding black-box technology) to know where they came from and where they are going. The same for the passengers – connected to their home city; perhaps with a connected apartment key or a mobile phone application. This data may be statistical in nature, but it could also be identity related – to help with PAYG services or even simply allowing access to a local gymnasium.

>See also: Debunking myths about IoT projects

This is fantastic, but there can be a downside. Cars driving and while moving plants inland may all be very pretty, but what if they had a negative impact on the ecosystem? Perhaps they could damage crops, or be poisonous to livestock.

The same potential exists for the smart- city. What if it were possible to ‘infect’ a car with malware during an update at its home location, and then spread that malware when commuting to work or visiting friends? A city-wide DDoS attack or someone taking control of the water supply – that could all be very scary, indeed.

To counter this, architects must include secure technology in the design of smart-cities; the potential for serious implications of an attack means that security should be foundational in the design blueprint, not an afterthought.

To keep good stuff on the inside

Smart-city networks are sliced and comprised of multiple virtual interfaces. This means that the infrastructure operates as a distributed service. Multiple service providers can use the same cloud, but are isolated and orchestrated.

This can be achieved with Juniper Networks using a combination of MX Series routers with both SRX and vSRX Series firewalls, managed with Juniper Contrail Service Orchestrator to monitor the network and map services to appropriate secure gateways.

>See also: The smart nation: Singapore’s masterplan

To keep bad stuff on the outside

The software-defined secure network (SDSN) provides policies and detection – leveraging the network as a point of enforcement, whilst including external security intelligence feeds and cloud scale. SDSN is centrally orchestrated and has a policy engine that dynamically adapts to threat conditions, allowing policies to execute against the network automatically.

Whilst people can’t be blasé, they think that this could be an example of technology having the leap on malware development. Smart-cities should be designed from the ground up with security and data-protection in mind.

There is the potential for malware to spread, for example, via connected cars, but with technology we can alleviate this fear. Smart-cities are something we should embrace, as we believe they will make the lives of people who live and work in them better.

 

Sourced by Laurence Pitt, security strategy director at Juniper Networks

 

Nominations are now open for the Tech Leaders Awards 2017, the UK’s flagship celebration of the business, IT and digital leaders driving disruptive innovation and demonstrating value from the application of technology in businesses and organisations. Nominating is free and simply: just click here to enter. Good luck!

Comments (0)