Lola Ripollés, a teacher at EAE Business School, warned that “many cities are implementing new solutions without first testing their cybersecurity.” And Borja Adsuara, an expert in Law, Strategy and Digital Communication, stated that “the greater the dependence on technology, the greater are the risks for the security of individuals and families, of companies, government, critical infrastructures and national security.”
Ramón Ferri, head of Valencia City Council’s Smart City Office, explained that “the main risks for smart cities will come from the use of emerging technologies, both in security and privacy.” And he said that “security in the connectivity infrastructure and, above all, in the deployment of Internet of Things devices has yet to be developed in an integrated way.”
David Bueno, CIO of Malaga City Council and manager of the Municipal Computing Centre, reported that one of the current trends is to equip cities with sensors and use IOT (Internet of Things) devices to monitor and control a large number of things. “People love it when they can monitor the city with video surveillance, and query or modify the status of sensors. But if these solutions don’t include safety as a main design feature, that initial happiness may be short-lived.”
Finally, Antonio Merino, manager at Mataró City Council, pointed out that the risks with smart cities are quite complex. “For example, they are also important for coping with natural hazards caused by climate change, and the lack of capacity in some infrastructures, and with health hazards. And, obviously, one of the biggest risks is “a possible failure or hacking of technology systems that control things like traffic lights or street lighting,” he said.
Merino pointed out that “to minimise hacking risks, some cities are beginning to build urban resilience systems, which try stressing different systems and infrastructures to determine their maximum capacity and the risks associated with it.” He added that to minimise mobility risks and traffic accidents, traffic regulation systems are being used. “Our Police, for example, are implementing a real-time simulation system to identify potential threats and redirect traffic, identifying faster routes or available parking areas.”
Ramón Ferri clarified that in order to avoid personal privacy obstacles, “rapid progress is being made in European and Spanish legislation to safeguard these rights, but much still remains to be done in this area.” And David Bueno warned that in smart cities, “failures such as devices with default passwords or unencrypted communications, can leave the door open for unauthorised access, allowing a third party to take control of lighting or video surveillance cameras, for example.
Lola Ripollés spoke about the development of industrial control systems, such as SCADA (Supervisory Control and Data Acquisition), used to manage and remotely monitor complex industrial processes such as electricity generation and waste water treatment. And she warned that “vulnerabilities in such systems can leave the door open to cyber attacks on physical infrastructure that could potentially disrupt essential services for millions of people.
Concepción Moreno of the EOI (School of Industrial Organisation) Foundation said that “if private sector interests are not balanced with the public sector and the real needs of the city, there is a clear risk that the process of urban transformation will fail to improve the lives of ordinary people or will do so only for some sectors of the population. She added that “smart cities risk generating urban development excessively oriented to business development.”
As Borja Adsuara concluded, “there’s no such thing as 100% security, either on the Internet or in the physical environment, but we have to strive to achieve reasonably secure technology.” And he added that “where technology security cannot be achieved, there must be legal safeguards with rules that assign responsibilities and allow prosecution of those who behave illegally.”