@carter they heard one of our conversation topics yesterday - IOT security, not the part of Ah Long (loan shark). I shall discuss the “Ah Long” in next session. Carter was asking who responsibility is for the IOT security. I argued it is the regulatory bodies or the government. Just like electrical appliances selling in Singapore are required to compliant to specified safety standard. IOT devices should have the same restriction to protect the internet as well as IOT users. If all can still remember the Mirai botnet attack in Oct 2016. It brought down huge parts of internet, especially at the east coast of USA. Globally, hundreds of thousands of vulnerable IOT devices were hijacked and used as botnet to launch powerful DDOS attack.
Connected IOT devices are expected to reach 41.6 billion by 2025 per IDC’s latest study. This projected number seems to change drastically over the years. It worked out to be 5.13 connected device per person on earth, based on 8.1 billion population. This is a huge number, you can imaging the scale of damage it can bring if the connected IOT devices are not secure. It is timely that Singapore government is addressing the issue. This will help to level the playing field for the IOT devices manufacturers, incentified them to design security into their products, such as secure boot, digitally signed firmware/software, security patch update and secure authentication login.
The next important step is to educate consumers on IOT Security. It is cool to have a smart home, with smart light, smart fridge, CCTV and etc, it helps to improve efficiency and life style. But what if adversary can view and control your smart home remotely? how many consumers understand the important of protecting their IOT devices, and have the technical knowledge to do so ?
May be IOT Security can be our coming event topic : ). Pls vote if you like to participate.