Technology is advancing at an exponential rate, but cybersecurity is not keeping up.
Just over two decades ago, a newspaper ran an article claiming that the Internet “may be a passing fad, as millions give up on it.” The Internet was novel, but clunky and slow. Today, through various technologies, the Internet can connect nearly anyone to anything.
Through your smartphone, you can control your home’s thermostat while away, preheat the oven while on your way home and have your garage door open when you pull into the driveway. You can see who is ringing the doorbell while you’re across town and you can use voice commands to play your favorite podcast on your car radio.
Similarly, industries can remotely monitor and manage nearly every aspect of operations. There’s no need to have a human manually check tank levels or apply chemicals when sensors can report to a software interface that alerts an engineer to act remotely miles away.
These are all great advancements that reduce cost and waste, improve safety, and add convenience. However, they are all still part of complex computer systems that have flaws.
Cybersecurity not meeting current threat levels
The risks associated with these technologies range from minimal inconvenience to cascading failures of critical systems.
In February 2021, a water treatment plant management system in Florida was remotely accessed by an unknown entity who released a large amount of sodium hydroxide into the public water supply, intending to harm civilians. Thankfully, the situation was contained before anyone was harmed.
In the wake of a Russian cyber-attack on Ukraine in 2017, a global logistics system was offline for weeks due to a cyber-weapon known as NotPetya, which disrupted supply chains worldwide and impacted thousands of other companies.
Even after global disruptions like NotPetya and the various ransomware attacks in 2021 (one of which caused a major petroleum pipeline to shut down), countering cybersecurity attacks is still a huge challenge, due to complex factors such as networks, operating systems and databases.
Coupled with the demand for new technology to meet delivery deadlines, this results in security defects that could be exploited by a security researcher, a nation state, or cybercrime syndicate.
As we move toward a future smart city of connected digital ecosystems, cyber breaches of this nature will only increase if left unguarded, while the impact of such breaches will be even greater. Therefore, we must make sure that technological advancements across our cities and societies are developed hand in hand with stronger cybersecurity. The risk of not doing so could be devastating.