In preparation for the Tokyo 2020 Summer Olympic games, the Japanese government has launched an unprecedented plan to thwart potential future hacks against the country’s IT infrastructure. On Jan. 25, the government passed an amendment that will allow federal workers to hack citizen IoT devices as part of a wide-scale survey of IoT device security.
The survey will be conducted by the National Institute of Information and Communications Technology (NICT) and will have oversight from the Ministry of Internal Affairs and Communications. Ultimately, the goal is for the NICT to build a list of all insecure devices across the country and pass the information along to internet service providers. These providers will then be able to ask consumers to bolster their login credentials.
Unprecedented Security Measures
The survey, scheduled to kick off in February, will test the security of more than 200 million IoT devices. NICT workers will use default passwords to try and log into consumer devices, the first of which will be routers and web cameras.
Japanese consumers are upset about the government’s decision, characterizing it as an unnecessary step. Instead of allowing government employees to hack into devices, many believe broad communications about changing default passwords would have a similar impact. Under both scenarios, it is still not guaranteed that consumers would change their passwords.
The motivation behind the mandated hacking comes from the fact that more than two-thirds of cyber-attacks in 2016 targeted IoT devices. The government is worried that hackers will try to compromise the country’s IT infrastructure during the 2020 Summer Olympic games. A broad attack will be much harder if consumers change default factory passwords and increase the complexity of their login credentials.
Fears Grounded in Reality
Japan does have reason to fear a potential security attack. In 2018, Russian nation-state hackers released a malware, Olympic Destroyer, during the Pyeongchang Winter Olympics opening ceremony. The action was believed to be pay back for the International Olympic Committee’s decision to ban hundreds of Russian athletes from competing in the games.
Ukrainian intelligence blocked a second Russian international games hacking attempt when they discovered a botnet, VPNFilter, that was built to disrupt broadcasting of the 2018 UEFA Champions League final. More and more, hackers are using botnets to expose router firmware vulnerabilities to attack many devices at once.
Strong Cybersecurity more Important than Ever
Already, there are more than 10 billion devices connected to the internet worldwide. IoT devices, in particular, are an easy entry point for hackers to access private and valuable information, as they tend to have poor internal security measures but are still likely to be connected to the same network that a consumer’s computer or iPhone uses.
Cybersecurity will be a major topic in 2019 after a hack-happy 2018. IT security leader, McAfee, believes we will see an increase in mobile malware and the use of AI for unethical reasons. ObserveIT believes that the future deployment of 5G wireless networks will create a more susceptible security landscape overall.
Taking appropriate security measures to hack-proof devices and understand cybersecurity policies will become increasingly important in today’s interconnected world. With many more smart devices set to launch in coming years, it’s critically important for individuals, organizations, and governments to take the necessary steps towards bolstering device security and protecting private information.