I was fortunate to participate and present at the 2019 Smart Cities Summit and Expo in Taipei, Taiwan last week representing Canada’s leading cybersecurity Industries in a visit facilitated by the Alberta Taiwan Office and the Alberta Economic Development and Trade – Trade and Investment Attraction Division. There, I talked to the growing security issues that are coming to light and that will need to be dealt with as cities around the world develop themselves into “Smart” cities. On a very high level view, Smart Cities are just like a very large computer; just with way more attack surfaces. As city resources and services become more intertwined and interlinked, we are seeing that Operational Technology (OT) Networks (i.e. water treatment plants, power plants, etc.), along with regular IT networks increasingly lacking the “Air Gaps” that had previously been put in place to protect many of these critical networks.
Unsecured links between the IT and OT environments are thus open to various vulnerabilities with the three most worrisome attack vectors that include:
1. Process Destruction – where critical systems that are connected to control systems in these plants can be co-opted by hackers and malware; leading to the disruption, of say, electricity distribution processes..
2. Equipment Sabotage – where business applications, that exchange information with critical devices in order to operate, are hacked, leading to the equipment being destroyed (e.g., security camera hacks to the firmware).
3. Market Fraud – where malware can get into business systems and fake data, potentially moving markets with erroneous or false information.
With the proliferation of IoT devices connecting to the city networks, gathering and feeding up immense amounts of data, many of these standalone devices are too underpowered to defend themselves. This is where the discussion of security becomes very critical. How does a smart city protect and defend itself from the ever-growing entries of attack?
That’s where Wedge’s Vision comes into play. At Wedge, we’ve built our company focus on this simple analogy – Water Treatment. In developed countries, water is processed and cleaned of all impurities at strategically located water treatment plants. As a result, all taps and endpoints that are connected to this system have access to clean water, free of germs, contaminants and other impurities. We believe that the Internet could and SHOULD work in the same manner. Internet traffic could be filtered and cleaned of all spam, viruses and other malware, at the network layer; allowing all endpoints connected to the network to be delivered content that is completely free from exposure to malicious attacks.
By having all of the “heavy lifting” and content cleaning taking place at the network layer, the underpowered IoT devices no longer have to worry about being attacked or co-opted by hackers and other actors with malicious intent.
Because of Wedge’s focus and vision, we’ve built our products and services around making our Water Treatment Plant analogy a reality for the Internet. Wedge’s underlying network security platform utilizes our patented Deep Content Inspection, which allows full visibility into the traffic flowing through the network, and orchestrates it with best-in-class security services. In real-time, we are able to take that content and use massive multi-threading and various inspection engines and heuristics to scan the content for viruses, spam, malware and other malicious content, detecting and blocking before it can reach the endpoints. Combined with a single-pane-of-glass management console that can manage all connected devices for compliance and security policies as well as in-depth actionable analytics that can detect anomalies in the network and related to these devices, Wedge’s platform is built to be THE platform and tool-of-choice for those providers that are helping to manage Smart Cities.
Utilizing the Wedge network security platform as part of the larger management system in Smart Cities can help to counteract the growing security issues facing these cities. By protecting the increasing attack surfaces through the centralized cleaning and filtering of the internet services that are linking these IoT devices, Smart Cities should be able to continue to develop; reaping the benefits and efficiencies that come from making the cities “Smart”.