Justin Fier
Some of the most significant ransomware attacks of the past year were waged against US cities and local governments, resulting in critical data being encrypted and vital services disrupted. The recent spate of ransomware attacks have brought to the fore the vulnerabilities that connected infrastructure and public services face in the wake of increasingly sophisticated and fast-moving threats.
Today’s automated malware often strikes at machine speed, rendering city officials justifiably concerned that an attack – even one that breaches just a single smart device – could move laterally to encrypt or hijack an entire network in minutes.
The prospect that our cities could be crippled by ransomware is a frightening one, but it’s a threat that many smart cities are already prepared for.
If It’s Smart, It’s Vulnerable
What was once the concrete jungle is fast becoming the Internet of Things (IoT) jungle. Across smart cities and municipalities around the world today, smart devices are streamlining trash collection, improving energy distribution and air quality, and reducing traffic congestion.
These innovations are important for improving the lifestyle of a city’s habitants while reducing energy usage and other pollutants. But a connected world is a hacker’s playground, with every Internet-connected smart device serving as a potential entry point into a wider digital ecosystem, containing sensitive personal data, and granting access to interfere in these smart systems.
Over the years, Darktrace has used artificial intelligence to uncover countless vulnerabilities in these devices that were unbeknown to human security teams or traditional security controls. This includes a parking meter that was compromised and used for cryptomining and a smart locker that was used as an entry point into a wider organization. These IoT blind spots offer cybercriminals the opportunity to hit cities where it hurts and secure the ransomware payout they crave.
States of Emergency
When it comes to cities, the potential impact of a breach is severe. We normally think of ransomware in terms of financial losses, and while this remains a significant part of the risk posed to cities, there are graver dangers to consider. With processes like traffic control and air quality monitoring connected to a city’s digital environment, public health and safety becomes entangled with cybersecurity. We need to look no further than the Colonial Pipeline incident in May for evidence of ransomware’s potential to cause major disruption to the daily lives of ordinary citizens.
Making smart city systems resilient against ransomware is a task too great for humans alone. Ransomware encrypts data at computer speed, outpacing the human’s ability to respond. What’s more, traditional security tools often fall short in the face of these attacks. Because they rely on data drawn from past attacks, these rules and signature-based approaches are fundamentally unprepared for novel attack scenarios – and in smart cities, where new technologies are deployed fast and often, the number of novel exploits available to attackers can be much higher.
Cities Getting It Right
A growing number of cities are waking up to the reality of this threat. Today, hundreds of cities, municipalities, and providers of critical national infrastructure in the US and beyond have embraced artificial intelligence (AI) to detect and neutralize ransomware in seconds.
With AI, these cities learn what is "normal" for each digital environment without relying on rules or signatures. From this ever-evolving understanding of a city’s unique digital ecosystem, the AI is able to autonomously identify and respond to malicious activity the moment it transpires – even novel threats previously unknown to the security community. In this way, AI is empowering smart cities to embrace digital transformation with confidence by stopping novel attacks that evade other systems.
No two cities are alike. That’s why AI learns from the ground up, with no preconceptions, incorporating network, email, SaaS, cloud, and endpoint activity into detection efforts and operating across both IT and OT systems – all in a unified approach. The complexity of smart cities is AI's sweet spot.
The City of Las Vegas has used this technology to fend off cyberattackers since 2014. The more dynamic the city becomes, the more data points the AI has to inform its decision-making. And the number of cities arming themselves with this technology is growing: Westland, Mich., Santa Monica, Calif., and Fort Lauderdale, Fla., are on the growing list of cities and municipalities with AI on their side.
When ransomware strikes, these cities are in a unique position to fight back in seconds. After all, a city can only move as fast as its slowest component. If smart cities are the future, they definitely don’t have time for cyber disruption.
No comments:
Post a Comment