January 20, 2025No Comments

Assessing the Cybersecurity Challenges of Smart Cities 

by Wesley Issey Romain & Giulia Saccone - AI, Cyber Security & Space Team

Introduction

The emergence of the “smart city” as a concept in the 1980s and a reality in the mid-2000s coincided with the rapid development of technology and internet worldwide. Two decades later, in 2024, growing urbanisation, environmental concerns, social and governance issues, shifting lifestyles, and economic and residential attractiveness contribute to deeper reliance on digital tools and emergent technologies, such as Internet of Things (IoT) devices and artificial intelligence (AI). Consequently, protecting smart cities’ infrastructures, networks and IoT devices against data theft, sabotage, surveillance, ransomware, terrorism, and other cybercrimes – whether from state-sponsored hacker groups or non-state actors – is crucial for government, private businesses, and civil society stakeholders.

This paper argues that despite the constant and multifaceted cybersecurity threats smart cities encounter, holistic and long-term solutions exist to maintain and enhance the security of their infrastructures and prevent any potential massive disruption. Our article mainly uses qualitative and quantitative data from secondary sources. It will be organised into five parts in the subsequent order:

Firstly, it will provide a brief understanding of the concept of a “smart city” and a presentation of its interpretations, strengths, opportunities, and primary stakeholders. The second part (II) will discuss the leading cyber security challenges smart cities face and demonstrate how the advent of emerging technologies and new threat actors will continue to impact smart cities’ overall safety and integrity. Finally, the third, fourth, and last parts (III, IV, and V) will each present an existing and potential solution to strengthen the security of intelligent cities’ IT infrastructures against cyber threats and disruptions.

A brief presentation of the concept of the smart city

The concept of “smart city” started appearing in academia around the 1990s; however, the notion has been popularised through IBM’s Smart Cities Challenges. Although nowadays there is not a univocal definition of a smart city, for this article, we may define them as an urban area where ICT and IoT occupy a pivotal role in data collection, anonymisation and analysis for the improvement of citizens’ quality of life, addressing contemporary challenges on a multi-stakeholder partnership. It is hence characterised by the use of diverse IoT-based systems (from smart grids to garments with sensors), which change from city to city–which implies the diverse definition of smart cities. Therefore, connectivity is the indispensable trait that every IoT device should have to join the smart city’s network, and scalability is what ensures that every project can be initially implemented on a small scale and then expanded in the wide urban landscape. Furthermore, users’ participation is vital for concretising the effects of a smart city and spotting new challenges1.  

The main sectors involved are the ones of mobility, where IoT devices, AI and 5G optimise citizens’ transportation both on private vehicles and public transportation; energy, where smart grids allocate energy efficiently based on demand; and health, where IoT timely communicates through 5G the physiological state of individuals to provide timely responses and targeted therapies. IoT implementation in housing is important not only for this latter aim but also for improving lifestyle, with a house capable of responding to our daily necessities in a timely manner. IoT paired with AI can be functional for improving surveillance and predicting crime. Recently, smart cities’ R&D has also focused on public administration and citizenship participation, boosting the efficiency of public administration and creating smart communities for boosting citizens' engagement in local politics2.

Smart cities aim to improve citizens’ quality of life by addressing urbanisation challenges through energy efficiency and responsive systems enabled by IoT devices. However, only 16% of cities can independently afford these projects due to high costs and diverse program requirements. To attract investors and drive innovation, cities use their smart city mission as a branding strategy, fostering advancements in underdeveloped but essential areas and consequentially creating long-term investments and competitiveness on the international stage. Partnerships with international bodies, research institutions, and other smart cities have proven effective for acquiring cutting-edge technology and best practices, mainly through city-to-city collaborations that bypass traditional bureaucratic channels.

The success of a project in a smart city resides in the coordination of the multiple stakeholders, which play simultaneous roles as planners, developers, implementation agents and follow-up responsible. The main actors involved are public stakeholders - namely national and local governments, administration and political institutions – that enable the coordination, monitoring and compliance of other players through policy formulation. Following, we have the private sector – composed of companies and start-ups primarily focused on the ICT field, investors, and in specific contexts, energy suppliers and property developers – that, in the case of cybersecurity, provide ICT infrastructures and investments in cutting-edge technology to boost the system readiness for cyberattacks. The Academic group has emerged as knowledge brokers, concurring with private counterparts in offering solutions in the implementation stage. Civil stakeholders – namely press, NGOs, and private citizens - play a dual role as recipients and contributors of projects, dispensing continuous feedback to the abovementioned categories thanks to advocacy and data sharing. 

The digital challenges of smart cities with emerging technologies.

Due to its incorporation of mixed technologies, software, and hardware, a smart city would inevitably be exposed to multiple cyber attacks by various threat actors. Experts have suggested that smart cities necessitate novel and inventive approaches to safeguard devices and applications, taking into account factors such as resource limitations, the nature of distributed architecture and geographic dispersion while confronting issues such as unreliable communication, insufficient data, and privilege safeguarding. Regardless of whether the cyber attack is conducted on the perception layer (sensor, actuators, RFID or GPS), on the network layer (Bluetooth, Wi-Fi, and LAN), or on the application layer (Smart Home, Health, and Grid), most common cybersecurity risks associated with smart cities can be summarised into four types.

First, the Distributed Denial of Service (DDoS) is perhaps the most documented practice of cyber attacks against a service or a network. DDoS is a malicious attack restricting digital traffic by inundating a target with excessive internet traffic, utilising compromised computer systems and IoT devices as sources. A cybercriminal could, for example, launch a DDoS attack to gain a smart city’s charging station, traffic light, or public transportation network, which could become a component of a botnet employed to disable another system. In 2018, CISCO indicated that the number of DDoS attacks worldwide was 7.9 million and had forecasted a substantial rise to 15.4 million in 2023. Additionally, most recent statistics data showed that DDoS attacks increased by 46% in the first half of 2024 in comparison to 2023, with peak attack power jumping from 1.6 Tbps to 1.7 Tbps, in which online gaming, technology, financial services, and telecommunications were the most targeted industries with 49%, 15%, 12%, and 10% respectively. 

Secondly, data exfiltration from devices such as traffic lights, CCTV cameras, parking meters, or public services servers is another significant challenge for smart cities as they gather extensive data from citizens. Public data theft violates the confidentiality, integrity, and availability of public data, as cybercriminals can use compromised information to perpetrate ransomware or other fraudulent transactions with third parties on the dark web. Privacy violations, financial loss, legal problems, and loss of trust from citizens are just a few of the damaging effects of data leaks from a city’s IoT devices. Such incidents have happened and are more frequent than one may think. For example, in July 2024, a large-scale data theft conducted by a cybercriminal group was reported in the United States in Columbus, Ohio. After the breach of private data stolen from over a hundred thousand ordinary people stored in public IT infrastructures and municipal agencies, a ransomware operation was launched, and sensitive information was divulged on the dark web. This type of incident will likely occur again as cities rely more and more on technology.

Thirdly, device hijacking is another threat associated with smart cities. Hacker groups often seek to control a device to influence the myriad of technological equipment constituting a smart city infrastructure and network. IT experts argue that IoT devices frequently possess default credentials that malicious actors can use, and weak data encryption, absence of periodic software updates, and interconnectedness render them easily compromised by hackers

Fourth, Permanent Denial of Service (PDoS) is documented as a devastating cyber risk to any technologically advanced and dynamic city. IT experts have noted that, in contrast to sporadic DDoS, which results in ephemeral cyber disruptions, PDoS causes permanent hardware damage and substantial economic consequences, potentially endangering human life in healthcare and critical infrastructure sectors

Urban areas are projected to accommodate 68% of the global population by 2050, propelled by urbanisation and demographic expansion. Consequently, such prevision, coupled with the advancement and availability of devices and digital tools, the participation of state-sponsored and non-state actors groups in malign cyber-attacks is undoubtedly a source of concern for developed and emerging countries, global cities and their inhabitants. At the same time, it should be observed that cities worldwide do not share the same level of cyber threat. As Cesar Cerrudo mentioned, while most cities possess technology, the effectiveness of smart cities varies based on the extent of technological advancements implemented. Some cities have implemented more technology while others have less.

Smart cities are expected to face several digital challenges with the availability and advent of new technologies; nevertheless, solutions and measures exist to enhance security and prevent disruptions.

Source: Illustration generated by AI

Threat detection and investments in advanced technology

Existing measures are primarily concerned with ensuring data and privacy protection based on trust, integrity, and confidentiality to prevent leaks from sensors, cameras, other IoT devices, and critical infrastructures. To support them and address the main concerns raised by industry and academia on privacy and data protection, the cybersecurity sector has focused on the mitigation of breaches in IoT for privacy protection, improving device authentication, access control, and firmware updates to provide better data anonymisation, secure data sharing and analytics for safe decision-making. A smart city is a goldmine of personal data due to its pivotal role in enhancing the quality of life of citizens and the interconnectedness through IoT. This provides criminals with a myriad of access points on devices with limited.

Blockchain technology has demonstrated a high potential solution thanks to its capacity to transmit information securely and directly. Specifically, this technology can be applied to cybersecurity to protect personal data. In the case of e-governance, it enables individuals to manage their credentials independently, bypassing centralised controlling authorities. Seoul is a fitting example: in 2018, the city started applying blockchain in its public administration, and during the same year, it developed a metaverse secured by blockchain for document issuance and citizen participation.

AI application is another game-changing technology that can boost smart cities’ cybersecurity thanks to their high computational and predictive qualities, which, applied to the fog computing layer, could protect them from cyberattacks despite their resource constraints – i.e. limited storage and RAM3. In particular, the fog layer managing the data transfer between the IoT devices and the Cloud layer provides a higher amount of computing load than those two extremes, lower latency in the communications between the IDS and the IoT, and lower energy consumption. This enables the operators to isolate the attack, repel it, and avoid its spread throughout the network, allowing an interrupted flow of smart city services. In particular, ML can be applied to both SDIS and AIDS. On the other hand, it can ease the time-consuming characteristics of updating the signature database. Regarding the latter, it can enhance the precision of attack detection, lowering the rate of false positives.

Biometrics is already used to facilitate authentication thanks to the uniqueness of individual features, addressing the constant concern for privacy and security. They have already found wide applications in the smart economy field, like the fingerprint and face recognition used by Apple Pay, face recognition for video surveillance devices of Amazon Web Services, and voice recognition employed by Amazon Alexa for telemedicine in the UK.

Strengthening and facilitating public-private partnerships

It is already visible from these few examples how private and public sectors coexist in the development of smart cities’ security, acting in synergy for optimising the outcomes of their projects thanks to risk and resource sharing and the relative reduction of costs; access to the private’s technical and management skills and the innovation enhancement for effective, creative and real-time solutions. An example is the collaboration between Barcelona’s Municipal Institute of Informatics and CISCO to implement a communication protocol for CERT and CSIRT to detect, share, respond and recover from cybersecurity threats and vulnerabilities in IoT devices.

Indeed, Barcelona is a perfect example of a smart city where public and private partnerships (PPP) can thrive thanks to companies with a sound knowledge of the local market, the involvement of all the stakeholders – citizenship included – to commit them towards the same type of projects and ease the tensions through transparency and responsibility, and trust-building practices, which are paramount in the initial phases. The cruciality of trust building is visible in the failure of the PPP of Sidewalk Labs and Waterfront Toronto, where the lack of involvement of the citizens led to tensions that resulted in boycott protests of the project. 

However, it must be pointed out that this factor is crucial in democracies, where citizenship plays an active role in shaping smart cities. Nevertheless, transparency is a value that benefits all smart cities regardless of the ongoing regime since it communicates the reliability of the projects and the worth of investing in this transformation.

Strengthening and facilitating regional and international cooperation, information sharing and dialogue among experts

PPPs are not the only method to transform and strengthen the security of smart cities; international fora, capacity-building projects, and collaboration among cities play fundamental roles. At the international level, the United Nations Economic Commission for Europe (UNECE) and the UN-HABITAT coordinate the global platform "United for Smart Sustainable Cities" (U4SSC) to encourage the transition from traditional to smart cities, which has also developed a set of key performance indicators (KPIs) for sustainable cities, a valuable instrument for agenda setting and performance evaluation adopted by more than 50 cities worldwide.

The ITU, thanks to the Smart Sustainable Cities program, supports the development of stable, secure, reliable and interoperable ICT devices for sustainable cities. The Smart Cities Council is a network of experts providing capacity building and investment programs, which, among all the objectives, aim to ensure cyber, privacy, and data protection. At the regional level, for instance, the EU provides the Smart Cities Marketplace: a platform for the various stakeholders involved in the field to improve citizens’ quality of life and increase the competitiveness of European cities and industry with respect to EU climate targets.

While at the level of bilateral agreements, Singapore has exploited its expertise to catalyse agreements from distant poles, such as China and the US, for mutual cyber capacity-building projects. Those multilevel initiatives have a common effect that addresses one of the biggest challenges of smart cities intra and interoperability: the normative and standard differences between cities, which makes PPP challenging and prevents effective data protection, the biggest concern in the research field.

Conclusion

In conclusion, despite the persistent, increasing, and diverse cybersecurity risks faced by smart cities, comprehensive and sustainable solutions are available to safeguard their infrastructures and avert significant disruptions. Firstly, it has been shown that the notion of a smart city originated in academic circles throughout the nineties. The concept emphasises mobility, energy, and health, with research and development concentrating on public administration and citizen participation. It was argued that successful projects necessitate the collaboration of several stakeholders, including planners, developers, implementation agents, and follow-up measures, to enhance the quality of life for citizens.

The second part of the article sought to demonstrate that smart cities incorporate various technologies, including software and hardware, making them vulnerable to multiple cyber-attacks from a wide range of threat actors. DDoS and PDoS attacks, data exfiltration, and device hijacking attacks are common cybersecurity dangers. The involvement of both state-sponsored and non-state actors in malicious cyber-attacks is a cause for concern for both developed and emerging nations, as well as capital cities around the globe and their populations.

Thirdly, it has been observed that investments in cutting-edge technologies to prevent cyber threats are deemed pertinent and practical. For instance, tools such as blockchain technology provide a safe and direct method for information transmission, positioning it as a viable option for cybersecurity. Besides, artificial intelligence applications can improve cybersecurity in smart cities through their computational and predictive abilities. Lastly, biometrics, characterised by its distinctive attributes, is employed for authentication, mitigating privacy and security issues.

The successful example of the city of Barcelona, introduced in the fourth part of the paper, confirmed that public-private collaborations improve security and optimise project results via risk and resource sharing, cost reduction, access to private technical and managerial expertise, and innovation. Additionally, it has been demonstrated that transparency is essential for smart cities.

Lastly, multilateral forums are part of the solution. International forums and initiatives to increase capacity building are essential to strengthening the safety of smart cities. Developing reliable, secure, and stable information and communication technology devices must be encouraged within forums such as the ITU’s Smart Sustainable Cities. Only through the listed solutions can government, public, and private stakeholders ensure that smart cities remain safe.


References

  1. Houichi, Mehdi. “Cyber Security within Smart Cities: A Comprehensive Study and a Novel Intrusion Detection-Based Approach.” p.394. ↩︎
  2. Hermann P. Rapp., and Moebert, Joechen. “Smart Cities: Investing in the urban future”. ↩︎
  3. Houichi, Jaidi, Bouhoula, 2024; ↩︎

Abaimov, Stanislav. “Understanding and Classifying Permanent Denial-of-Service Attacks”. Journal of Cybersecurity and Privacy. 2024; 4(2):324-339. Retrieved from: <https://doi.org/10.3390/jcp4020016

Admass, Wasyihun Sema., Yirga Yayeh Munaye., and Abebe Abeshu Diro. 2024. “Cyber Security: State of the Art, Challenges and Future Directions.” Cyber Security and Applications 2:100031. Retrieved from:  <https://doi.org/10.1016/j.csa.2023.100031>.

Alibasic, Armin., et al. “Cyber Security for Smart Cities: A Brief Review”. In Data Analytics for Renewable Energy Integration: 4th ECML PKDD Workshop, DARE 2016, Riva del Garda, Italy, September 23, 2016, Revised Selected Papers 4. 22-30, Springer International Publishing. 2017. Retrieved from: <https://e-tarjome.com/storage/btn_uploaded/2019-08-14/1565752729_9885-etarjome-English.pdf>

BASE. “Smart City”. May 2019. Retrieved from: <https://www.baseland.fr/en/recherches/smart-city/>

Borgeaud, Alexandra. 2024. “Global web application critical vulnerability taxonomy 2023”. Statista. February 20, 2024. Retrieved from: <https://www.statista.com/statistics/806081/worldwide-application-vulnerability-taxonomy/>

Cerrudo, Cesar. “An Emerging US (and World) Threat: Cities Wide Open to Cyber Attacks”. Technical Report, Securing Smart Cities, 1-22, 2015. Retrieved from: <https://securingsmartcities.org/wp-content/uploads/2015/05/CitiesWideOpenToCyberAttacks.pdf>

Cho, Young-Im. “Lecture 4 - Biometrics in Smart City” Lecture, September 2023. Retrieved from: <https://pb.edu.pl/iro/wp-content/uploads/sites/32/2023/09/Biometrics_intelligent_solutions_III_ON-SITE_Young_Im_Cho_4.pdf>

“DDoS Attacks Trends for Q1-Q2 2024: Insights from Gcore Radar Report.” GCORE, August 14, 2024. Retrieved from: <https://gcore.com/blog/radar-q1-q2-2024-insights/>

Department of Health and Social Care. “News Story - NHS Health Information Available through Amazon’s Alexa.” October 7, 2019. Retrieved from: <https://www.gov.uk/government/news/nhs-health-information-available-through-amazon-s-alexa>

European Commission. “Smart Cities”. European Commission. Retrieved from: <https://commission.europa.eu/eu-regional-and-urban-development/topics/cities-and-urban-development/city-initiatives/smart-cities_en>

“European Cybersecurity Test Project in the City.” 2022. Info Barcelona. January 2, 2022. Retrieved from: <https://www.barcelona.cat/infobarcelona/en/tema/smart-city/european-cybersecurity-test-project-in-the-city_1141253.html>

Gatlan, Sergiu. “City of Columbus: Data of 500,000 stolen in July ransomware”. Bleeping Computer. November 4, 2024. Retrieved from: <https://www.bleepingcomputer.com/news/security/city-of-columbus-data-of-500-000-stolen-in-july-ransomware-attack/>

Hamid, Bushraet al. “Cyber Security Issues and Challenges for Smart Cities: A survey”. 13th International Conference on Mathematics, Actuarial Science, Computer Science and Statistics (MACS), Karachi, Pakistan, 2019, pp. 1-7. Retrieved from: <https://ieeexplore.ieee.org/abstract/document/9024768>

Houichi, Mehdi., Faouzi Jaidi., and Adel Bouhoula. 2024. “Cyber Security within Smart Cities: A Comprehensive Study and a Novel Intrusion Detection-Based Approach.” Computers, Materials & Continua 81 (1): 393–441. Retrieved from:  <https://doi.org/10.32604/cmc.2024.054007>

Iberdrola, “BLOCKCHAIN4CITIES –  Blockchain Technology at the Service of Urban Management.”. Retrieved from: <https://www.iberdrola.com/innovation/blockchain-for-smart-cities-urban-management>

Institute for Defense and Business (IDB). “What Are the Cybersecurity Risks for Smart Cities”  <https://www.idb.org/what-are-the-cybersecurity-risks-for-smart-cities/>

International Telecommunications Union (ITU). “Smart Sustainable Cities.” ITU, 12/21. Retrieved from: <https://www.itu.int/en/mediacentre/backgrounders/Pages/smart-sustainable-cities.aspx>

Jayasena, N.S., H. Mallawaarachchi, and K.G.A.S. Waidyasekara. “Stakeholder Analysis For Smart City Development Project: An Extensive Literature Review.” Edited by E. Mohd Ahnuar, R. Mohd Nordin, J. Yunus, and N.A. Abdul Rahman. MATEC Web of Conferences 266 (2019): 06012. Retrieved from: <https://doi.org/10.1051/matecconf/201926606012>

Machap, Kamalakannan. & Hua Qiang. “Evaluating firewall tools and techniques in enhancing network security”. Journal of Applied Technology and Innovation, Vol. 6, No. 1, 2022. Retrieved from: <https://www.researchgate.net/publication/357553876_Evaluating_firewall_tools_and_techniques_in_enhancing_network_security>

Md Mamunur, Rashid., et al. “Cyberattacks Detection in IoT-Based Smart City Applications Using Machine Learning Techniques.” International Journal of Environmental Research and Public Health 17, no. 24 (December 14, 2020): 9347. Retrieved from: <https://doi.org/10.3390/ijerph17249347>

Medium. “Cybersecurity for Smart Cities: Addressing Vulnerabilities in Urban Infrastructure”. Emerging India Analytics, February 2024. Retrieved from: <https://medium.com/@analyticsemergingindia/cybersecurity-for-smart-cities-addressing-vulnerabilities-in-urban-infrastructure-516298a1882e#:~:text=Investing%20in%20advanced%20technologies%20such,before%20they%20cause%20any%20damage.>

Mijwil, Maad M. et al. “Cybersecurity Challenges in Smart Cities: An Overview and Future Prospects”. Mesopotamian Journal of Cybersecurity. Vol. 2022, pp. 1- 4. Retrieved from: <https://www.iasj.net/iasj/download/6b7ef8fef416253e>

Quan, Xiangyu, and Marte C.W. Solheim. 2023. “Public-Private Partnerships in Smart Cities: A Critical Survey and Research Agenda.” City, Culture and Society 32 (March):100491. Retrieved from: <https://doi.org/10.1016/j.ccs.2022.100491>

Rapp, Hermann P., and Moebert, Joechen. “Smart Cities: Investing in the urban future”. Focus Germany, Deutsche Bank Research, October 20, 2023. Retrieved from: <https://www.dbresearch.com/PROD/RPS_EN-PROD/PROD0000000000530349/Smart_Cities%3A_Investing_in_the_urban_future.pdf?undefined&realload=~FwCKBc6XEJ3FEyBsL5KPmoB9DlvuMggYIE4xFVFd1HD6M6ik7YBEvSN9~iSWgQ~>

Seoul Metropolitan Government, “Metaverse Seoul, the New Continent of Seoul.”. Seoul Metropolitan Government. Retrieved from: <https://english.seoul.go.kr/policy/smart-city/metaverse-blockchain/

Sharma, Shamneesh., and Nidhi Mishra. “Horizoning Recent Trends in the Security of Smart Cities: Exploratory Analysis Using Latent Semantic Analysis.” Journal of Intelligent & Fuzzy Systems 46, no. 1 (January 10, 2024): 579–96. Retrieved from: <https://doi.org/10.3233/JIFS-235210.>

Singapore Ministry of Digital Development and Information “Singapore and Shenzhen Drive Smart City Collaboration with 14 New Projects.” n.d. Singapore Ministry of Digital Development and Information. Accessed December 30, 2024. Retrieved from: <https://www.mddi.gov.sg/media-centre/press-releases/singapore-and-shenzhen-drive-smart-city-collaboration/>

 “Smart Cities and Smart Buildings Sector Report” European Cyber Security Organisation (ECSO), March 2018. Retrieved from: <https://ecs-org.eu/?publications=https-ecs-org-eu-documents-publications-5fdb27182b472-pdf>

Smart Cities Council “Smart Cities Council Works to Deliver Sector-Wide Upliftment through Specialized Products and Services.” 2025. Smart Cities Council. December 30, 2025. Retrieved from: <https://smartcitiescouncil.com/smartcitiescouncil/advisory/.>

United Nations Department of Economic and Social Affairs. “68% of the world population is projected to live in urban areas by 2050, says UN”. 16 May 2018. Retrieved from: <https://www.un.org/development/desa/en/news/population/2018-revision-of-world-urbanization-prospects.html>

Urban Technology Alliance “Smart City Diplomacy: A Promising Approach for Global Urban Solutions.” Urban Technology Alliance. Accessed December 30, 2024. Retrieved from:  <https://www.urbantechnologyalliance.org/2024/09/25/smart-city-diplomacy-a-promising-approach-for-global-urban-solutions/>.

US-ASEAN Smart Cities Partnership, “CET Smart City Project Pairing Initiative Sends Delegation of U.S. Experts to Singapore.” 2024.. May 30, 2024. Retrieved from: <https://www.usascp.org/us-expert-delegation/>

UTA - Urban Technology Alliance. “Smart City Diplomacy: A Promising Approach for Global Urban Solutions”. Retrieved from: <https://www.urbantechnologyalliance.org/2024/09/25/smart-city-diplomacy-a-promising-approach-for-global-urban-solutions/>

Uyarra, Elvira, Jon Mikel Zabala-Iturriagagoitia, Kieron Flanagan, and Edurne Magro. “Public Procurement, Innovation and Industrial Policy: Rationales, Roles, Capabilities and Implementation.” Research Policy 49, no. 1 (February 2020): 103844. Retrieved from: <https://doi.org/10.1016/j.respol.2019.103844>

Vempati, Smita., & N. Nalini. “Securing Smart Cities: A Cybersecurity Perspective on Integrating IoT, AI, and Machine Learning for Digital Twin Creation.” Journal of Electrical Systems, 20-5s, pp. 2817-2827, 2024. Retrieved from: <https://journal.esrgroups.org/jes/article/view/3052>

Waseem Anwar, Raja. & Saqib Ali. “Smart Cities Security Threat Landscape: A Review”. Computing and Informatics, Vol 41, 2022, pp. 405-423. Retrieved from: <https://www.cai.sk/ojs/index.php/cai/article/view/2022_2_405>

Yin, Chuantao. et al. “A literature survey on smart cities” Science China. Information Sciences58 (10), 1-18, 2015. Retrieved from: <https://www.researchgate.net/publication/281670019_A_literature_survey_on_smart_cities>

Yue, Zhai, and Ping Gao. “Understanding the Stakeholders of Smart City Governance.” Machester: Manchester Centre for Digital Development Working Paper 105, 2023. Retrieved from: <https://hummedia.manchester.ac.uk/institutes/gdi/publications/workingpapers/di/dd_wp105.pdf 

May 28, 2024No Comments

Beyond Influence: The call for strategic defence in light of China’s interference in Canada

Author: Sandra Watson Parcels – China & Asia Team

The Interim Report

Canada is currently facing a critical moment in its history as it grapples with the urgent need to protect its democratic processes and national security from foreign interference. The release of the Public Inquiry into Foreign Interference in Federal Electoral Processes and Democratic Institutions on May 3rd has prompted focus on this issue. Over the past five years, the Canadian Security Intelligence Service (CSIS) has reported on the increasing international activity of the People's Republic of China (PRC), including efforts directed at democratic institutions, government bodies, and communities in various sectors. The interim report clarifies: "Foreign interference is not done by just one country. However, China currently stands out as the most persistent and sophisticated foreign interference threat to Canada."

Chapter four of the interim report examines China's use of foreign interference tactics, highlighting intelligence data suggesting extensive use of these methods to advance its interests. The chapter details a range of interference activities targeting various entities in Canada, including government officials, political organisations, political candidates, and diaspora communities. CSIS identifies China as a significant challenge to Canada's electoral integrity.

The report focuses on the activities of the United Front Work Department (UFWD), a key entity of the Chinese Communist Party (CCP) with a substantial budget. The UFWD plays a central role in China's foreign interference efforts,focusing on influencing the Chinese diaspora, shaping public opinion, and persuading politicians to support China's policies. It specifically targets individuals with status or influence, such as community leaders, academics, elected officials, and media members. The report describes the UFWD as employing a long-term strategy that utilises both overt and covert methods to cultivate and strengthen relationships over time.

The scope and scale of China's activities in the Canadian elections of 2019 and 2021 are reported to be more extensive than those of any other state, impacting not only federal but also local officials and indigenous communities. The report indicates the UFWD's activities blur the lines between foreign influence and foreign interference. It details clandestine,deceptive, and threatening activity around the world, often by leveraging influence and exerting control over some diaspora communities. Other PRC state institutions involved in foreign interference activities include the Ministry of State Security and the Ministry of Public Security, both of which reportedly operate covertly internationally and remotely from the PRC.

Canada's Reaction

This backdrop underscores Canada's urgency in strengthening its defences against foreign interference across all fronts. Canada recognises the evolving nature of these threats and the imperative to safeguard its sovereignty and interests. While the inquiry into foreign interference represents a significant step forward in Canada's response, whether the issue has been considered with enough timeliness and decisiveness still needs to be addressed. Conservative foreign affairs critic and MP Michael Chong stated that the report is a “damning set of conclusions and findings” and that it “contradicts much of what the government has told us over that period of time.”  New Democratic Party MP Jenny Kwan said there was a “systemic failure of communications by the government to those who are targeted or impacted by foreign interference.” 

The interim report provides a sobering glimpse into the extent of foreign meddling in Canadian affairs, with particular emphasis on activities surrounding recent federal elections. In response to these revelations, the Canadian government is addressing the issue through new legislation, such as Bill C-70, introduced on May 6th, which aims to update existing laws and improve Canada’s capacity to detect, disrupt, and defend against foreign interference. Additionally, the Canadian government's allocation of funds for establishing a National Counter-Foreign Interference Office underscores the seriousness with which Canada regards this issue.

China's Response

China has strongly rejected the allegations of foreign interference. On May 8th, the state-run Global Times published two articles on the subject. 

The first article criticised Canada's efforts to address foreign interference, describing it as "The so-called China's foreign interference is nothing but a lie to serve political purposes and a drama directed and performed by Canada itself." The preliminary report raises doubts about its validity, reflecting a broader trend in some Western states to attribute electoral outcomes to external influences. The article also accused Canada of interfering in China's domestic affairs. The paper also raised concerns about Canada's actions, suggesting they might hinder positive relations. It stated, "Canada's approach risks harming its relationship with China by aligning itself with US criticisms. We urge Canada to act objectively and avoid being misled by unsubstantiated reports."

The second article focused on Canada's introduction of draft legislation to counter foreign interference. Chinese Foreign Ministry spokesperson Lin Jian was quoted saying, "China has never and will never have any interest in interfering in Canada's internal affairs," dismissing claims of foreign interference as politically motivated lies. A Chinese academic commented, "The introduction of the new law based on groundless accusations of Chinese interference in Canada's elections is once again the country's attempt to fuel unfriendliness and hostility toward China domestically and internationally." The article also mentioned that Canada's new draft legislation is driven by domestic political motives, with the opposition party pushing for tougher policies towards China to challenge Canadian Prime Minister Trudeau's leadership.

China's Grand Strategy

Despite China’s reaction, China's growing global influence and its strategic aspirations are a subject of extensive international discussion. It manifests through a multifaceted approach to enhance its global influence and secure strategic advantages. Politically, concerns exist regarding its role in other countries' elections, particularly through the United Front Work Department (UFWD). Allegations of such interference have surfaced in Canada, the US and Australia. Militarily, China's activities in the East and South China Seas create tensions with neighbouring states. These activities are challenging established international maritime norms, and contravening international laws and norms. Economically, the Belt and Road Initiative extends its reach across continents, fostering dependencies through infrastructure while facing criticisms of potentially resembling neo-colonialism practices. This economic outreach often seems to often complement its military ambitions, as infrastructure projects can double as strategic military footholds. Domestically, China's human rights record, particularly in Hong Kong, Tibet, and Xinjiang, is under international scrutiny. Issues surrounding limitations on freedoms are a source of international concern. In cyberspace, its strategic operations involve sophisticated espionage and potential disruptions of global infrastructure, raising international alarms over cyber warfare. China's cultural diplomacy and media expansion aim to shape global perceptions and address Western influence. These efforts can be seen as attempts to manage international reactions to its policies. Collectively, these strategies reinforce China's position on the global stage and intricately interlink to influence its relationships with major world powers, crafting a complex web of influence and control.

Source: Image created by the author.

China's Strategy in Canada

China's approach in Canada shares similarities with its broader strategies internationally. Both utilise a multifaceted approach to cultivate influence and achieve strategic goals. In line with its global political ambitions, China's engagement through the UFWD with Chinese diaspora communities raises questions about potential influence on domestic politics and public opinion. This comprehensive strategy presents significant challenges to Canadian sovereignty, security, and economic interests.

In the economic and technological spheres, China's tactics include cyber espionage and strategic investments in critical sectors, raising Canada's national security concerns. Notable incidents like the Microsoft Exchange server attacks have targeted essential Canadian infrastructure, undermining data security and intellectual property. Moreover, strategic investments in sectors such as natural resources and ports might be seen as signs of China's efforts to extend its geopolitical influence within Canada, mirroring its global economic outreach.

The involvement of Chinese companies like Huawei in Canada's 5G network raised concerns about data security vulnerabilities, prompting Canada to implement restrictive measures to protect its telecommunications infrastructure. Concurrently, Chinese investments in Canadian real estate and potential political influence attempts require careful monitoring.

In the areas of soft power and cultural influence, the presence of Confucius Institutes within Canadian universities raises questions about the promotion of a selective view of Chinese culture, potentially impacting academic freedoms and shaping public perception. These institutes, alongside other UFWD activities within diaspora communities, shape Canada’s political landscape to align with China’s interests. Surveillance efforts, such as monitoring the Chinese diaspora through organisations like the Chinese Students and Scholars Associations (CSSAs), complement China's control operations within Canada.

In response, Canada has taken steps to address these concerns, including updates to legislation, enhanced cybersecurity measures, and the establishment of a National Counter-Foreign Interference Office.

Canada…Moving Forward

As Canada navigates this complex landscape, vigilance in defending its democratic institutions and national interests is paramount. Public Safety Canada has affirmed, "The Government of Canada takes the threat posed by foreign interference seriously and has various tools and mechanisms in place to protect individuals and Canada's interests." CSIS’s recent annual report states, "the PRC’s negative perceptions of select Canadian domestic and foreign policy initiatives may also drive more foreign interference….in 2024.” The evolving nature of these challenges demands comprehensive and multifaceted tactics, which include legislative measures, diplomatic engagement, and international cooperation. By addressing these challenges proactively, Canada will not only be upholding the integrity of its democratic processes but also asserting its sovereignty against external pressures. Canadian Minister of Foreign Affairs Mélanie Joly stated, “As with past crises, multilateralism and diplomacy offer our best hope for maintaining peace and stability.”  While Canada must take decisive actions to counter interference and protect its sovereignty, it should also engage in diplomatic efforts with other states, including China, to address the issue of interference. This balanced approach combines responses to interference with diplomatic engagement where possible. Strengthening alliances with Five Eyes and other global partners, specifically in the Indo-Pacific, is crucial for effectively confronting and mitigating these risks. As these strategies continue to evolve, transparency, accountability, and community engagement are pivotal to ensure that Canadians are protected and that the democratic framework remains resilient against the covert and disruptive tactics of foreign actors. By strengthening its defences and adopting a proactive stance, Canada safeguards its sovereignty and contributes to the broader global effort to preserve democratic values and institutions, consequently enhancing stability in the world order.

Check out another China & Asia Team article on China’s Belt and Road in the Maldives by Carlotta Rinaudo.

March 21, 2023No Comments

Vladimir Radunovic and Anastasia Kazakova on Cyber Diplomacy

Vladimir Radunovic and Anastasia Kazakova talk about cyber diplomacy, the geopolitics of cyberspace, and the roles of state and non-state actors.


Vladimir Radunovic is Director, E-diplomacy and Cybersecurity Programmes, and Anastasia Kazakova is a Cyber Diplomacy Knowledge Fellow at DiploFoundation. This Swiss-Maltese non-governmental organisation specialises in capacity development in the field of Internet governance and digital policy.

Interviewer: Oleg Abdurashitov - Cybersecurity, Artificial Intelligence and Space Team.

March 2, 2023No Comments

Cybersecurity: the Nexus Between Public and Private Sector

For the third Webinar of the 2022/2023 season, we had the pleasure to host three top experts in the field of Cybersecurity: Luca Nicoletti from the Italian National Cybersecurity Agency, Andrea Rigoni from Deloitte, and Antonello Vitale, a former Executive of the Italian Intelligence Community.

These experts explored the complex relationship between the public and the private sector in the context of cybersecurity - a relationship with countless challenges as well as opportunities. The event was chaired by our very own Martina Gambacorta, a member and researcher of the ITSS team.

June 8, 2022No Comments

Italy’s cybersecurity response to Russian attacks (Italiano)

Author: Sarah Toubman

In the past few years, the Italian government has rapidly increased both the pace and number of steps taken to protect its national cybersecurity interests. Italy began creating legislation and organizations for the defense of its cybersecurity infrastructure in 1993, but many observers have criticized developments in Italian cybersecurity as inadequate and slow-moving compared to its peers in Europe and beyond. However, in June 2021, the Italian government declared its intention to create a new national agency for cybersecurity, and just weeks ago, released a national cybersecurity policy for 2022-2026.

The Italian government’s increased attention to cybersecurity has come just in time, as several prominent cyberattacks against Italy by Russian hackers occurred this May. Considering Italy and the European Union’s support for Ukraine in its war against Russia, it is not surprising that Russian-backed agents have unleashed attacks on Italy in the cybersphere, a space the Kremlin has long operated in. For example, during the 2008 Ruso-Georgian war, Russian-backed hackers reportedly carried out cyberattacks against Georgian internet infrastructure.

More recently, this cyber aggression has been turned towards both state and private cyberinfrastructure in Italy. On May 10th, Russian hacker groups “Killnet” and “Legion” attempted to break into and modify the voting results for the Eurovision Song Contest, which Italy hosted and Ukraine ultimately won. However, thanks to the Italian Computer Security Incident Response Team, which was created in 2018, the attempt was foiled. 

Similarly, just one day later on May 11th, “‘Killnet’ claimed an attack on the websites of several Italian institutions, including the Senate, Italy's upper house of parliament, and the National Health Institute.” On May 19th, the Russian hacking organization launched additional cyberattacks on Italian institutions, including the High Council of the Judiciary, and the Ministries of Foreign Affairs, Public Education, and Culture.

While Russian-backed cyber organizations are clearly enthusiastically targeting Italy, the robust responses of Italian cyber-defense organizations are now successful on a level which would have been unlikely prior to the development of its new cybersecurity agency and the rollout of its 2022-2026 cybersecurity policy. Although historically Italy has often been behind the curve in its cybersecurity policies, Mario Draghi’s push to launch the National Cybersecurity Agency was in fact extremely forward-looking and timely. Furthermore, since the agency’s announcement, Italian cybersecurity forces have developed the skills required to successfully counter Russian-backed agents, proving its creation was not merely a publicity-boosting measure for the Draghi government.

One recent headline has declared that “Italy [is] embroiled in cyber war with pro-Russian hackers.” Definitions of what constitutes cyberwarfare still vary, and the Russian government formally denies involvement with the groups of hackers conducting these attacks. However, such a headline again serves to remind those concerned with international security that Russia has historically and continues to use the cyber sphere to wage war, and therefore a robust international security policy necessarily includes cyber-defense. Therefore, in the context of the Russian invasion of Ukraine--the largest war seen in Europe since 1945--defensive cybersecurity capabilities are evermore important for Italy and any nation openly opposing Russian actions. 

Italy’s 2013 National Strategic Framework for Cyberspace Security and 2017 Cybersecurity Action Plan had both highlighted the need for improved public-private cooperation to ensure national cybersecurity moving forward. In fact, the 2017 plan had urged that “private entities operating in strategic sectors must be considered as key assets and included into a holistic approach to national cybersecurity that provides for the implementation of minimum security requirements for country-critical systems.” Again, such a point was forward-looking, highlighting the fact that in May 2022, Russian-backed agents did not only launch cyberattacks on Italian government organizations, but also the Eurovision Song Contest, a multinational initiative being operated out of Italy. 

Notably, under the country’s new cybersecurity policy, the Italian Computer Security Incident Response Team was successfully able to both prevent an attack against Eurovision and resolve cyber incidents related to government websites. However, moving forwards, this area merits even further attention. The Italian state could be severely impacted by cyberattacks against a whole range of websites, companies, and infrastructure, including public, private, and multinational organizations. Therefore, ensuring Italian cybersecurity going forward would require not just improved public-private cooperation, but also coordination between Italy and all interconnected sectors of the EU. 

Image Source: https://imgcdn.agendadigitale.eu/wp-content/uploads/2019/05/28110643/cyber-war.jpg.webp

Italian translation 

Negli ultimi anni, il governo italiano ha accelerato rapidamente il passo e ha compiuto progressi nella protezione dei suoi interessi nazionali nell’ambito della sicurezza cibernetica. L’Italia iniziò a legiferare e fondare organizzazioni per la difesa delle infrastrutture legate alla sicurezza cibernetica nel 1993. Da allora, molti osservatori hanno criticato gli sviluppi, ritenendoli inadeguati e lenti rispetto agli altri paesi in Europa e nel mondo. Giugno 2021 segna una tappa importante per il governo italiano, che dichiara di voler creare una nuova agenzia nazionale per la sicurezza cibernetica, e poche settimane fa, è stata pubblicata la policy per la sicurezza cibernetica nazionale 2022-2026.

L’aumento di attenzione per questo campo arriva perfettamente in tempo, quasi in concomitanza con diversi attacchi cibernetici compiuti da hacker russi contro l’Italia lo scorso Maggio. Tenendo presente il supporto dichiarato da Italia e Unione Europea per la guerra portata avanti dall’Ucraina contro la Russia, non è una sorpresa che agenti sostenuti dalla Russia stessa abbiano effettuato attacchi contro l’Italia nella sfera cyber, uno spazio in cui il Cremlino opera da tempo. Per esempio, durante la guerra tra Russia e Georgia nel 2008, la Russia ha dato supporto ad hacker per colpire le infrastrutture internet dell’avversario.

Più di recente, le aggressioni cyber sono state indirizzate contro la sfera cyber pubblica e privata dell’Italia. Il 10 Maggio, il gruppo hacker russo “Killnet” e “Legion” ha cercato di entrare e modificare i risultati dei voti dell’Eurovision Song Contest,tenutosi in Italia e vinto dall’Ucraina. Nonostante ciò, grazie al Computer Security Incident Response Team dell’Agenzia per la Cybersicurezza Nazionale, creato nel 2018, il tentativo è stato sventato.

Allo stesso modo, ad un solo giorno di distanza, “Killnet” ha rivendicato un attacco a diversi siti istituzionali italiani, incluso quello del Senato e dell’Istituto di Salute Nazionale. Il 19 Maggio, l’organizzazione russa ha lanciato ulteriori attacchi ad istituzioni italiane, inclusi il Consiglio Superiore della Magistratura, i Ministeri degli Affari Esteri, della Pubblica Istruzione e della Cultura. 

Mentre le cyber organizzazioni russe sono chiaramente entusiaste di avere l’Italia come bersaglio, le risposte robuste date dalle organizzazioni di cyber-difesa italiane hanno avuto un successo che non sarebbe stato possibile raggiungere precedentemente allo sviluppo della nuova Agenzia per la Cybersicurezza Nazionale e alla nuova policy 2022-2026. Sebbene storicamente l’Italia si è sempre trovata in ritardo rispetto ai progressi e alle policy promosse dagli altri paesi, il Presidente Mario Draghi ha insistito per fondare l’Agenzia per la Cybersicurezza Nazionale e questo ha permesso di essere estremamente lungimiranti nel garantire una risposta agli attacchi. Inoltre, dalla creazione dell’Agenzia, l’Italia ha sviluppato delle abilità notevoli e necessarie nella lotta contro gli agenti russi. 

Di recente, è stato dichiarato che “l’Italia è coinvolta in una cyber guerra con gli hacker russi.” Le definizioni di questa cyber-guerra sono ancora varie, e il governo russo ha formalmente negato il coinvolgimento dei gruppi hacker e gli attacchi condotti. Nonostante questo, la situazione al momento conferma che la sfera cyber è sempre utilizzata dalla Russia come arma contro i nemici di guerra, e perciò c’è bisogno di politiche per la sicurezza internazionale più robuste e che includano necessariamente la cyber difesa. Nella guerra tra Russia e Ucraina, la più grande guerra mai vista dopo il 1945, le capacità difensive nel campo della cybersicurezza sono ancora più significative per l’Italia e per qualunque altra nazione che voglia apertamente condannare le azioni Russe. 

La National Strategic Framework for Cyberspace Security del 2013 e il Cybersecurity Action Plan del 2017 hanno entrambi sottolineato il bisogno di migliorare la cooperazione tra pubblico e privato per assicurare una rapida evoluzione nell’ambito della cyber sicurezza nazionale. Infatti, il piano del 2017 ha evidenziato che “le entità private che operano per la cyber sicurezza nazionale lavorano per l’implementazione dei minimi standard di sicurezza richiesti per le infrastrutture critiche del paese.” Ancora una volta, questo punto di vista è lungimirante e sottolinea il fatto che a Maggio 2022, gli agenti russi non hanno solo colpito il governo italiano ma anche l’Eurovision Song Contest, un’iniziativa multinazionale che era organizzata dall’Italia. 

Il Computer Security Incident Response Team dell’Italia ha avuto successo nel prevenire l’attacco contro l’Eurovision e nel risolvere incidenti legati a siti internet del governo.

Infine, questo argomento meriterebbe ancora più attenzione. Lo stato italiano potrebbe essere severamente colpito da cyber attacchi contro siti internet, compagnie e infrastrutture, includendo il settore pubblico, privato e organizzazioni multinazionali. Per questo, garantire la cyber sicurezza del paese e svilupparla ulteriormente richiederebbe non solo un miglioramento della cooperazione tra pubblico e privato, ma anche la coordinazione tra Italia e tutti i settori interconnessi dell’Unione Europea. 

September 20, 2021No Comments

Cybersecurity and Society

The team "Culture, Society, and Security" interviews Dr. Madeline Carr, Professor of Global Politics and Cyber Security in the Faculty of Engineering Science at the University College of London and Dr. Camino Kavanagh, visiting fellow at King’s College London, and member of UN advisory support team for negotiating processes related to cyber and international security.

Interviewing Team: Julia Hodgins and Sofia Staderini

July 21, 2021No Comments

How are the U.S. Administrations dealing with Cybersecurity

By: István Hagyó and Bianca Ferrazza 

Introduction

Witnessing government agencies, corporations and the military's recent shift of administration of activities to the internet, one cannot ignore the pressing concern of cybersecurity to world security. It is pertinent to discuss cybersecurity, as the contemporary world is increasingly immersed in the use of new IT technologies; humans seem to be living in cyberspace rather than in the physical one. Cybersecurity’s relevance to national security is obvious: in the era of digitalization, we are observing a lot of new threats coming from the internet and countries must act before having their weak spot detected. 

What is a cyber attack?

According to the Oxford Dictionary, a cyber attack is an act aimed at the damage or the destruction of a computer network or system. More precisely, a cyber attack consists of an attempt to perform any action that might hurt a database’s security. These actions may include disabling computers, stealing data or leakage of any sensible information. 

What happens when a country or company is the victim of this attack?

The cyber domain also refers to the term “cyberspace”. According to the definition of the U.S. Department of Defense, cyberspace is “A global domain within the information environment consisting of the interdependent network of information technology infrastructures, including the internet, telecommunications networks, computer systems and embedded processors and controllers”. 

Cybersecurity’s role in the contemporary world emerges as a consequence of the internet revolution of the past decades. It is considered a practice aimed at the protection of systems (alongside that of programs and networks) from the threats of digital attacks. 

Cybersecurity aims to foil attacks at gaining access, leak or destroy sensitive information and to interfere with the normal administration of companies, government agencies and other subjects. The implementation of cybersecurity has improved in recent years, due to the growing business of high tech companies, but so have hackers. In general, one can consider a successful cybersecurity approach one that presents several layers of protection against hackers. 

The Evolution of US Cyberpower

In analysing the approach of the Biden administration in regards to cybersecurity threats, it would be interesting to look back in time and to understand what the past US administrations have done.

In 2003, the Bush Administration commissioned a document, National Strategy for Security Cyberspace, which pinned down three tactical approaches aiming to prevent cyber attacks on the country’s most important infrastructures, reduce its fragility and, in case the attack actually happens, implement efficient strategies to minimize damage. The National Strategy issued by George W. Bush also posed itself as a target to invigorate companies’ care to their cyberspace, by routinely empowering their security systems. The Bush administration also presented a huge contribution by issuing the National Infrastructure Protection Plan in 2006, which identified 17 infrastructure sectors and advanced the idea that cybersecurity’s importance derives from the fact that it can be declined in any sector and therefore does not represent a separate topic. 

The Obama Administration took a radically different approach, organizing cybersecurity with a top-down strategy by assigning the command of cybersecurity policies to the White House rather than to the Department of Homeland Security (DHS). During his mandate, new legislations were passed, alongside the issuance of new policies. Chinese hackers were involved in cyber theft regarding intellectual property and trade strategies, occupying US intelligence in many inquiries. In 2015, Obama and Chinese President Xi Jinping signed an agreement aimed at the cessation of commercial hacking, which resulted in a drop in the number of instances of Chinese hacking into the American commercial cyberspace. Additionally, the state department worked with international institutions and with other countries in an attempt to apply international law to the new cyber threats. The Department of Home Security enhanced its “Einstein” cyber threat prevention system; the software now is used by more than 90% of federal agencies. 

The Trump Administration, experts say, seems to have taken the country a step back on cybersecurity management. The former President fired Christopher Krebs who was the director of the Cybersecurity and Infrastructure Security Agency (C.I.S.A.) since 2018 for not having supported Trump’s claims on the 2020 election fraud, a decision that was contested by most cybersecurity experts. Trump’s legacy on cybersecurity is made up of several different measurements. During his mandate he managed to confront China on cyber issues, to recognize the importance of the cyber domain in regards to the next decades in warfare. It also implemented a “Defending Forward Strategy”. This strategy enforces operations aimed at intercepting attacks before they reach the U.S. and has several implications in regards to some sectors of the economy considered vital to the country’s normal administration. The new strategy also claims to be “preparing for war”. It seems that the cyber operations will be joined with warfighters, to try and combine the two aspects of security. 

Newly-elected President Joe Biden has come up with a new executive order regarding the matter of cybersecurity, making it a priority to improve the Government’s strategy tied to the new threads proposed by the “cyber switch”.  In order to better sum up the new policies regarding the cybersecurity approach, the White House has released a fact sheet focused on the highlighting of some key aims of the executive order, some of these being the improvement of software supply chain security, the establishment of a cybersecurity safety review board and the removal of barriers to threat information sharing between borders.

U.S. Administrations vs Major adversaries

The American approach toward potential Russian cyber threats became a major debate after the accusation of Russian meddling in the 2016 American General Elections. The GRU (Russian military intelligence agency) carried out several attacks on Ukraine including two power grids and the 2017 NotPetya virus causing $10 billion worth of damage. The Baltic states are the most vulnerable and affected, while direct cyber-attacks against US international companies, governments and critical services are also very common. In 2020 alone, almost 300 million ransomware attacks were launched causing a $1 billion loss. Such an occasion was the ransomware attacks on Colonial Pipeline resulting in gas outrage of the East Coast for days.

The different interpretation of the nature of cyber conflict by both states makes the situation more complicated. The Russian government and embassy strictly denied the existence of such operations. However, several attempts were initiated by the Russian part to form a common group to counter cyber-attacks. The American part each time rejected the offer, especially during the Trump Administration, due to mistrust and fear from domestic scepticism in case of an agreement by President Trump. The Biden Administration realized, both the necessity and the lack of progress in the case. A significant result and probably the only one during the recent Biden-Putin summit in Geneva, Switzerland, was to form a bilateral committee on cybersecurity issues and potential cyber-attacks. The American part highlighted 16 entities, infrastructures that are off-limits from attacks.

China is also raising concerns in Washington. The United States’ cyberspace relations with China are different as compared to Russia. China has greater economic potential, therefore, more resources to fund its cyberspace strategy. When considered from a global perspective, it reaches any industry and all the sectors involving any entity. Like in other arenas, China is pursuing to take the frontrunner role in cyberspace as well. The characteristics of Chinese cyber-attacks are heavily intelligence oriented and spying for the ultimate western technology. A great suspicion is toward Chinese advanced telecommunication equipment like the Huawei 5G. In order to avoid the escalation of such allegations, the two states in 2015 signed the U.S. - China Security Agreement. However, it focuses only on economically motivated cyber-attacks. It is widened by the escalated trade war between the two countries resulting in no breakthrough during the Trump administration and the recent Sino-American summit in March 2021. 

Conclusion

Given the increasing importance and danger of cyberspace, only in 2020 alone, almost 30.000 companies, corporations, institutions and banks were targeted and a total of 300 million cyber-attacks were launched causing over $1 billion loss. The concept of cyberspace and its potential threats became a national security topic during the presidency of George W. Bush. The Obama Administration was the first to institutionalize it, while President Trump was the first who publicly accused China of cyberspace warfare. Now, it is President Biden’s turn to take an approach and engage major powers to internationally institutionalize cyberspace to prevent uncontrolled cyber-attacks. There is a need for barriers and deterrence for those who conduct uncontrolled cyber-attacks. Although this was initiated with Russia during the Biden-Putin summit, only time will tell the extent to which it is successfully implemented. 

July 12, 20212 Comments

Oleg Goldshmidt on Cybersecurity

Oleg Goldshmidt talks about Cybersecurity, deception technology, 5G, protection of key infrastructure, financial services and national security. Oleg Goldshmidt is a principal software architect at Fortinet. This is ITSS Verona Member Series Video Podcast by the Cybersecurity, Artificial Intelligence and Space Team.


Interviewer: Renata Safina