F-Secure comment on NCSC smart city principles
May 2021 by Tom Van de Wiele, Principal Security Consultant at F-Secure
Following the news that the NCSC have released principles about securely constructing smart cities, Tom Van de Wiele, Principal Security Consultant at F-Secure shares the following words:
“Smart cities make life more efficient and have been around for a while, but they do invite privacy and security risks. Ultimately, there is a real risk for harm from unsecured networks that share data from sensors and analysis tools. The high degree of connectivity in these technologies means that an attacker could, potentially, take malicious action across the entire UK with ease if proper security measures such as segregation of networks and fallback processes are not enforced and properly tested.
A nation state, a serious organised crime group or attackers wishing to harm critical, national infrastructure without direct loss of life could create countless amounts of chaos. Threat actors on the prowl looking to abuse smart city networks and its decision-making patterns really are viable threats and isn’t far off from what we saw happen at the Florida water plant hack in February. The possibilities for attack are relatively endless.
Striking the right balance between efficiency, privacy and security is important so it’s no surprise the NCSC are setting out guidelines to get a hold over some of the risks”.