Smart Cities, Sharpen Up: 5G and Cyber Security

As 5G technology is being rolled out across Australia, and network speeds and coverage improving rapidly, Australian cities are set to become smarter. Many local governments have already begun to embark upon smart city initiatives, implementing Bluetooth monitoring systems for roads, sensor-controlled water and waste infrastructure, and data-collecting CCTV cameras.

5G’s small-cell network enables more devices to connect to the Internet of Things and data to be collected and transmitted in real time, giving local governments the ability to deliver more smart city initiatives on a larger scale. But with opportunities comes risks, and 5G is no different. Enabling significantly more devices to be connected to the Internet of Things creates more points of vulnerability for hackers and attackers.

Local governments need to put in place appropriate cyber security practices to deal with these weaknesses, particularly when creating smart city initiatives which deal with citizens’ personal information, and those which are created around critical infrastructure like emergency services, roads and electricity. This was demonstrated in 2017 in the US city of Dallas, where hackers exploited a ‘radio issue’ to set off the city’s network of 156 tornado sirens in the middle of the night. The alarms continued for 1.5 hours, resulting in over 4000 emergency services calls being made, and causing significant congestion in the city’s emergency telephone lines.

There are a number of things that local governments can do to improve the cyber security of their smart city infrastructure. These include putting in place a cyber-incident response plan, undertaking a data breach simulation to identify technological vulnerabilities, maintaining back up systems for when the infrastructure fails. Local governments should also be particularly careful when partnering with service providers to deliver smart city projects, and should ensure those providers have strong data and network security practices. Finally, when undertaking any kind of smart city project which involves collecting citizens’ data, the data should be encrypted where possible, stored securely, and destroyed when no longer required.

Local governments may also find the NSW Department of Customer Service’s recent Internet of Things Policy (October 2019) a useful document when procuring or rolling-out solutions involving the Internet of Things.

For further information on any of the issues raised in this alert, please contact the Intellectual Property team at McCullough Robertson.

This publication covers legal and technical issues in a general way. It is not designed to express opinions on specific cases. It is intended for information purposes only and should not be regarded as legal advice. Further advice should be obtained before taking action on any issue dealt with in this publication.