Smart cities, smart economy, smart everything: consider and solve security risks
Technological innovations accompany cities, municipalities and economic sectors into a sustainable, modern and liveable future. In addition to many opportunities, smart technologies and the networking of systems also entail risks: cyber-attacks paralyse supply areas, steal sensitive information and cause enormous financial damage. In the area of public administration in municipalities, cyber-attacks pose active threats to the security of public life and citizens.
Cyber-attacks on infrastructure and administration on the rise
The ransomware incidents in recent years impressively showed how one wrong click could paralyse an entire authority – not only simple office networks but also sensitive health or energy supply systems. Even unplanned access, changes or misconfigurations can have fatal consequences. The number of cyber-attacks is steadily increasing, with a significant impact from the Corona pandemic and the war in Ukraine.
A major challenge is that cyber security often has to be implemented retrospectively because the systems used were never designed for connection to the internet and other information systems - or because security aspects were simply not or not sufficiently considered during product development.
For this reason, critical infrastructure and administration are now at the top of the list of the most popular cyber-attacks. Incidents through ransomware or third-party access are increasing. Also, publicly accessible control systems of solar plants, biomass CHP plants, waterworks, video surveillance systems, etc. are frequently searched for, found and exploited for cyber intrusions. Many of the attacks do not have a certain target - they hit organisations that do not yet take their defence seriously enough and lack guidelines, suitable means or simply time.
Modern cybersecurity technologies and best practices also achieve very good results in the area of critical infrastructure and administration, so that a good protection concept is also possible for grown and outdated systems. When selecting new products and especially smart technologies, it is advisable to make the security aspect a selection criterion and to hold manufacturers and suppliers accountable.
Perfecting well-known methods of attack
Information security has already established certain security standards. Anti-virus software is part of the basic equipment, at least on stationary devices. Typical gaps in the cyber strategy are found on mobile devices. There, professional and private data often merge and they are online around the clock and download documents and apps without any protective measures. Here, too, virus protection should be standard. It is even available free of charge. In the corporate context, companies need to implement guidelines and data protection requirements consistently. Otherwise, the back door to the network is virtually open to cyber criminals.
Attackers are constantly perfecting established attack methods. It is no longer a disgrace not to be able to recognise spam mails and phishing attempts with the naked eye, even as a trained user since they do not contain spelling mistakes, absurd content or fake domains. Attackers also benefit from new technologies, knowledge building and networking.
The detection of malicious code or spam mails is often only possible using highly technical procedures, behavioural analyses, artificial intelligence or sandboxing. Sandboxes execute and analyse files or websites in a secure, isolated environment before delivering it to the network. These procedures are state of the art for the defence against targeted attacks, which are specifically tailored to a victim system and which must be taken into account, especially in public provision.
Big data plays into the hands of cyber defence: the use of threat intelligence, concentrated contextualised information about attackers and their methods helps to detect and understand attack attempts more quickly. Organisations and security providers around the world are collecting and linking their analyses and observations into a security network of relevant data, enabling faster and more efficient responses.
Respond quickly and correctly to security incidents
Cybersecurity remains an ongoing open item on the To-Do-List of IT teams. Just as attack scenarios evolve to find new ways and vulnerabilities into systems, defenders must keep pace.
Even if all security standards are fulfilled, the question should not be if, but when an attack will break through the established lines of defence. It is important to be prepared for this eventuality at all times with a well thought-out incident response plan as part of a holistic protection concept.
Not every malware infection or system intrusion has to result in serious security breaches. Responding quickly and correctly to suspicious activity or security incidents can significantly reduce potential impact. Through data analysis, organisations can take targeted preventive measures against detected vulnerabilities and possible follow-up attacks so that the security incident ultimately helps to strengthen cyber defences and system resilience.
Cybersecurity as a topic at CSPF
At the meeting of the European city network "Cities for Sustainable Public Finances" (www.cspf.eu), author Joe Pichlmayr presented cybersecurity challenges for cities and citizens. His urgent appeal was that cities and the public sector in general need to prepare for increasing cyberattacks. The cities then discussed their cases and how IT security can be financed sustainably. A summary of the CSPF meeting in Vienna can be found here.
Related
News
