A study by the United Nations estimated that 68 per cent of the world’s population will live in urban areas by 2050. Only technological interventions can ensure a quality of life for such a large population in the cities then. Enhancement of quality of life for such a large urban population will necessitate the integration of modern technology, including information and communication technology. This is the underlying concept of ‘Smart Cities’.

The Government of India has launched a ‘National Smart Cities Mission’ with an aim to develop 100 smart cities all over the country. The mission was launched by Prime Minister Narendra Modi on June 25, 2015, with a budget of Rs 48,000 crore. Another Rs 50,000 crore was allocated for rejuvenation of 500 other cities, under what is known as the ‘Atal Mission for Rejuvenation and Urban Transformation (AMRUT)’. The Union government had to implement this scheme in collaboration with state governments over a period of five years. Each city was required to create a ‘Special Purpose Vehicle’ headed by a full-time CEO to implement the smart city mission.

As the purpose of smart cities is enhancing the quality of life of citizens, it is necessary to reduce the consumption of resources by preventing wastages and thereby reducing overall costs. The smart cities must, therefore, aim at providing better urban services like energy, transport and utilities in a cost-effective manner. Better management of resources and improved services will, besides enhancing the quality of life, lead to better economic growth.  

These systems will have a lot of impact on the life of the citizens and hence, issues related to privacy and security gain a lot of importance. With the increasing use of technology, there has been a lot of increase in privacy and security breaches. It is important to design smart cities in a manner that these concerns are addressed through an inbuilt system.

The infrastructure and data bank of the smart cities faces three types of threats. The first threat emanates from cyberattacks from hackers and forces inimical to a country aiming to disrupt the command and communication systems with the purpose to cause economic loss, create chaos among people to degrade their morale besides impeding the infrastructure development.

Secondly, data mining by interested parties, including enemy countries, who can then use this data to make an assessment of the capabilities and limitations of the target country. Finally, there is a physical threat to the security of the sensitive installations including command and control centres.  

Cyberattacks on the rise

The enormity of the problem of cyberattacks can be gauged from the fact that several smart cities and establishments run on modern technology all over the world have been hit by them and had to suffer heavy losses.

For example, in April 2019, the city of Riviera Beach was hit by a ransomware and had to pay 600 million dollars. They were made to make payment in Bitcoins, a digital currency which is hard to trace, only after which the authorities could regain access to the data encrypted in a cyberattack. Another example is that of one of the biggest cyberattacks on Indian banks in October 2016. It was estimated that 3.2 million debit cards were compromised. Major Indian banks, namely SBI, HDFC Bank, ICICI, YES Bank and Axis Bank, were among the worst hit. The breach went undetected for months and was first detected after several banks reported fraudulent use of their customers’ cards in China and the United States, while these customers were in India.

The biggest Indian bank – the State Bank of India – blocked almost 6,00,000 debit cards. An audit later revealed that the breach was due to a malware injected into the payment gateway network of Hitachi Payment Systems. The cyberattack on Pune-based Cosmos Cooperative Bank in August 2018 was said to have been carried out by North Korea-based hackers. The hackers withdrew Rs 94 crore from ATMs in 28 countries. Malware infection in Kundakolam Nuclear Plant in September 2019 caused a big scare. The cyberattack on this State-run Nuclear Power Corporation of India Ltd, or NPCIL, which is responsible to run 22 commercial nuclear power reactors in India was fortunately restricted to administrative wing and did not affect any of the operations.

The cyber experts have to create appropriate firewall shields and fool-proof authentication processes to ensure such cyberattacks do not breach the systems.

To properly manage the smart cities, a large quantum of data has to be collected and stored. Possibility of data being mined by interested parties cannot be ruled out. For example, the data on portal ‘E Vahan’, a data bank of all registered vehicles in India, is easily accessible and can be used by interested parties for various purposes. Such data has to be secured through a process of encryption and passwords. This also has to be ensured that the people working in these organisations do not get compromised and start selling the data themselves.

Big Data Analysis is another tool which can be systematically used to predict and prevent threats. The technological interventions and artificial intelligence have made it possible to sift specific reliable and actionable information to prevent mishaps. Artificial intelligence which is slowly but steadily coming of age can also be gainfully utilised for preventing cyberattacks, and for privacy protection security and crime prevention.

Securing the installations

There is also the problem of physical security of these modern components of smart cities, especially the stand-alone installations. These threats may take the shape of sabotage.

Proper round-the-clock surveillance – both physical and technical – of these installations must be ensured. Proper access control systems to prevent unauthorised persons from accessing these facilities must be ensured.

This can happen through the physical deployment of personnel at the access points. It has to be ensured that all authorised persons are issued with proper identification which should have electronic or colour coding to differentiate between various levels and areas of access to the facility.

Security of the community

A smart city cannot be actually called smart until the community feels secure. Hence, besides taking measures to alleviate the threats discussed above, the people living in these cities have to be provided with a secure environment to carry out their daily activities without fear or hindrance.

Several measures will have to be taken to ensure this. These steps will include well-lit streets and alleys, evidence-based policing, installation of CCTV cameras, recordings from which can be used in courts to establish criminality.

The police must resort to predictive policing. This will involve having a strong intelligence network and involvement of the community in policing. The police must have their surveillance network in each society and village in the shape of sources and Village Defence Parties – a system widely prevalent in states along the international borders. Drone-based surveillance systems are fairly effective in giving early warnings. The facial recognition systems are also fairly effective measures for crime prevention, detection and investigation.

The CCTN or Crime Control and Tracking Network system which has been introduced at many places connects various police stations and can be evolved to monitor FIRs and investigations by making use of a stored data bank.

To ensure proper security of installations and community living in those areas, the planners need to prioritise it at the initial stage itself. It is recommended that the security systems should generally be centralised as the decentralisation tends to compromise the consistent approach.

Sanjiv Krishan Sood is a retired Additional Director General of Border Security Force. (Views are personal)