Man-in-the-middle: An attacker breaches, interrupts or spoofs communications between two systems. For example, a man-in- the-middle attack on a smart valve can be used to deliberately cause wastewater overﬂow.
Data & identity theft: Data generated by unprotected smart city infrastructure such as parking garages, EV charging stations and surveillance feeds provide cyber attackers with an ample amount of targeted personal information that can potentially be exploited for fraudulent transactions and identify theft.
Device hijacking: The attacker hijacks and effectively assumes control of a device. These attacks can be difﬁcult to detect because in many cases, the attacker does not alter the basic functionality of the device. In the context of a smart city, a cyber-criminal could exploit hijacked smart meters to launch ransomware attacks on Energy Management Systems (EMS) or stealthily siphon energy from a municipality.
Distributed Denial of Service (DDoS): A denial-of- service attack (DoS attack) attempts to render a machine or network resource unavailable to its intended users by temporarily or indeﬁnitely disrupting services of a host connected to the Internet. This is typically achieved by flooding the target with superfluous requests to prevent legitimate requests from being fulfilled. In the case of a distributed denial-of-service attack (DDoS attack), incoming traffic flooding a target originates from multiple sources, making it difficult to stop the cyber offensive by simply blocking a single source. Within smart cities, a plethora of devices, such as parking meters, can be breached and forced to join a botnet programmed to overwhelm a system by requesting a service simultaneously.
Permanent Denial of Service (PDoS): Permanent denial- of-service attacks (PDoS), also known loosely as phlashing,
is an attack that damages the device so badly that it requires replacement or reinstallation of hardware. In a smart city scenario, a hijacked parking meter could also fall victim to sabotage and would have to be replaced.