With constantly evolving technology, smart cities must adopt flexible development to ensure safe connectivity in the future. Credit: NASA.

Smart cities run the risk of being "hacked"

The technologies that underpin the very structures and identity of smart cities are still evolving. This poses the challenge of ensuring the flexible development of these cities and their digital infrastructure to adapt to new innovations as they emerge, but also to cope with other threats, such as digital security.


Places like New York, London, Paris, Tokyo and Reykjavik are leading the transition towards smart cities. Based on an army of devices and sensors that interact with each other, these and many other cities around the world are seeking to respond to 21st century challenges such as the scarcity of resources, traffic jams, pollution and urban concentration. While the technologies to achieve this are constantly evolving, a number of challenges have arisen, from how to ensure the flexible development of these cities and their digital infrastructure to how to deal with cybersecurity threats.

Driven by the ever-increasing growth of the urban population, this transformation towards smarter models is already unstoppable. In Spain, in fact, it is hard to find a city that is not undertaking smart city initiatives: from Madrid and Santander to Barcelona, Valencia and Malaga. Among their projects, there are some to manage parking, streamline mobility in transport or manage public lighting, waste collection and water. Other initiatives aim to measure air quality, temperature or luminosity.


The design of smart cities must be carried out by a multidisciplinary team: from architects, experts in mobility, cybersecurity and even philosophers. Credit: ASME.


Who should design connected cities?


To ensure the flexible development of these cities, one of the issues to consider is who should be involved in their design. The deployment of technology requires architects to plan the future of these cities. Antoine Picon, Professor of the History of Architecture and Technology at Harvard Graduate School of Design, explained at a conference organised by IE University's School of Architecture and Design that there is a risk to believing that there is only one possible model for smart cities, "instead of thinking that they have to adapt to the context of each place and that, therefore, there will be as many models as there are places where they are implemented."

This is also the view of architect Simon Smithson, winner of the prestigious Pritzker Prize in 2007, who believes that the buildings of the future "should reflect the conditions of the city's environment." In an interview published in the magazine UNO from the consultancy firm Llorente & Cuenca, he states that the style of buildings is influenced by the raw materials used in their construction, the climate and accessibility. For him, "a good building captures the spirit of the city: In Madrid, people live more in the street; in London, more indoors."

In addition to architects, there are those who argue that mobility experts, communicators and even philosophers should participate in the development of smart cities. Llorente & Cuenca assert that a city is smart when the living conditions of its citizens are optimal. "Thus, within the field of study of smart cities, we would hear more concepts such as quality of life, resilience, degrowth and even happiness," they note. Some researchers have developed rankings of smart cities that already take this into account—for example, educational level or life expectancy—but "in most published analyses, technological indicators prevail."


With increasingly frequent cyber attacks, guaranteeing the benefits of smart city connectivity will only be possible if the technology behind it is secure. Credit: Hugh Han.


Technology as an ally and a threat to cities


If there is one thing that the advocates of smart city’s agree on, it is that cybersecurity experts must be included in the development process as these cities are exposed to multiple threats. On 7 April 2017, residents of Dallas (USA) were startled by more than 150 sirens that are only activated in the event of tornadoes or severe storms. Even though the skies were clear, concerned residents inundated emergency phonelines in response to the warning. The alarms sounded intermittently for an hour and a half until the system was completely shut down. Although emergency officials initially blamed the problem on a "system failure," the following day they confirmed that it had been "hacked."

In networked cities, the possibilities for attackers are endless. They can take control of security cameras, taximeters, cars and even yachts. Smart TVs, traffic lights, ovens, refrigerators, number plate readers and even medical devices are all at risk. If a single device lacks adequate security or its digital certificate has expired, the entire structure could become vulnerable to attack or suffer disruptions. This could affect critical services and infrastructure such as hospitals, offices, sewage treatment facilities or roads.

In 2014, a team of researchers hacked nearly 100 interconnected traffic lights in Michigan. "The vulnerabilities we discovered in the infrastructure are not the fault of any one device or design choice, but rather show a systemic lack of security awareness", they explained in a paper they wrote about it. In 2015, researchers Scott Erven and Mark Collao demonstrated at a conference how they were able to access dozens of medical devices such as MRI equipment and internet-connected defibrillators in different hospitals, as reported by the BBC. They explained that attackers could even obtain patient history data and know the location of machinery within a building.

Security and privacy incidents within smart cities will become more frequent unless manufacturers of these devices adopt proper security procedures and protocols. It is also essential that methods are in place to constantly monitor these security measures and act quickly in the event of an emergency, as the benefits of an internet-connected city can only be realised if the technological means that support it are secure. This lies at the heart of one of the major issues raised by smart cities. Technology is the fundamental pillar on which all these services are based, but we cannot define what this technology will look like in the future. What is certain is that it will evolve, and along with it cities will have to do the same.

· — —
Tungsteno is a journalism laboratory to scan the essence of innovation. Devised by Materia Publicaciones Científicas for Sacyr’s blog.

  • Smart cities
  • Smart Cities
  • Cybersecurity

This website uses its own and third-party cookies to improve the user experience and analyze their behavior in order to improve the service offered.
You can consult additional information about the cookies installed on our Cookies policy.

Cookie Settings

Cookie declaration


These cookies are exempt from compliance with article 22.2 of the LSSI in accordance with the recommendations indicated by the European authority on privacy and cookies. In accordance with the above and although configuration, acceptance or denial is not possible, the editor of this website offers information about them in an exercise of transparency with the user.

  • Name: LFR_Session_STATE_*, Provider: Liferay, Purpose: Manages the session as a registered user , Expiration: Session, Type: HTTP

  • Name: GUEST_LANGUAGE_ID, Provider: Liferay, Purpose: Determines the language with which you access , to show the same in the next session, Expiration: 1 year, Type: HTTP

  • Name: ANONYMOUS_USER_ID, Provider: Liferay, Purpose: Manages the session as an unregistered user , Expiration: 1 year, Type: HTTP

  • Name: COOKIE_SUPPORT, Provider: Liferay, Purpose: Identifies that the use of cookies for the operation of the portal, Expiration: 1 year, Type: HTTP

  • Name: JSessionID, Provider: Liferay, Purpose: Manages login and indicates who is using the site, Expiry: Session, Type: HTTP

  • Name: SACYRGDPR, Supplier: Sacyr, Purpose: Used to manage the cookie policy , Expiration: Session, Type: HTTP