Ransomware: It's only a matter of time before a smart city falls victim, and we need to take action now

Ransomware groups go after targets where downtime causes the most disruption. That means an insecure, 5G IoT-connected city could be a prime target for extortion attacks.
Written by Danny Palmer, Senior Writer

Ransomware attacks are going to get worse – and one of these attacks could eventually take out the infrastructure of an entire 5G-enabled smart city, a cybersecurity expert has warned. 

Cyber criminals deploying ransomware regularly target government services. Not only do constrained public sector IT budgets mean networks are less secure against attacks, but these networks are also used to provide vital services to the community.

In some cases, local government agencies might pay the ransom to decrypt the network and restore services, making them ideal targets for extortion.

Urban infrastructure, including emergency services, transport, traffic light management, CCTV and more, is increasingly being connected to 5G Internet of Things (IoT) services and sensors in order to collect data that can be used to provide better, more efficient services.

But while connected cities have the potential to improve urban services, any lack of security in IoT devices could make them a very appealing target for ransomware attacks – and, given the current ransomware climate, it's not a matter of if, but when.

"I look two years out and my prediction is a 5G smart city will be held for ransom. I don't see anything happening right now that tells me that this prediction is not going to come true," Theresa Payton, CEO of Fortalice Solutions and former CIO at The White House, said in an interview with ZDNet Security Update.

There have been many cases of cities and public infrastructure being compromised by ransomware – and it can be extremely disruptive. When cyber criminals attack hospitals with ransomware, for example, the nature of the industry means that in many cases – but not all – health service providers feel as if they have no option but to pay. 

And the continued success of ransomware attacks means going after connected infrastructure is the logical next step for cyber criminals. "I just don't see enough progress being made that we're going to be able to eradicate ransomware – I see it getting a lot worse, unfortunately, before we really figure out how to tackle it and it gets better," said Payton, adding that cyber criminals "really don't care what the downstream impacts are; they're just trying to make a buck". 

However, measures can be applied across smart cities to help protect them against cyberattacks.

Guidance on smart city security from the UK's National Cyber Security Centre (NCSC) recommends that cities should only roll out devices from trusted vendors, and that no IoT device on the network should use the default username and password, as this makes them easy targets. 

Organisations should also regularly check to see whether credentials belonging to employees with high-level account privileges have been exposed in a data breach. If so, passwords – and perhaps even account names – should be changed in order to reduce the risk of them being abused by ransomware groups or other cyber criminals. 

"Look for those email accounts, look for those passwords and think about actually abandoning email accounts that are in password data dumps that have access to core systems," said Payton. 

