Ethical hackers on the frontline, keeping your home safe from cyber-attacks
The challenge of cyber security, in an age of growing digital connectivity, is explored on the programme Challenge Tomorrow.
SINGAPORE: It is not just computer systems and national infrastructure that are vulnerable to cyber-attacks. The emerging Internet of Things (IOT) - where devices such as smart watches, handphones and even kitchen appliances can connect to the Internet - means even your household is not safe.
And research assistant Toh Jing Hui from the Singapore University of Technology and Design (SUTD) and his team of hackers spend much of their time hacking into these gizmos, to expose how vulnerable users are today.
“The smart watch is a very good example,” said Mr Toh, who would be considered a white hat or ethical computer hacker. “What the attacker can do is to infect your smartwatch with a malicious software that makes it run like a printer.
“So you go into your company and you try to send printouts. But instead of sending it to the printer, everything will be collected by the watch which the attacker can take out.”
Even those innocuous Wifi-enabled slow cookers are not safe; an attacker can compromise your web server and use it send spam emails.
“This (IOT) is a very new domain, so there is no proper standard to follow to secure such devices. So part of our work is to try to set this standard,” he said.
WATCH: How these white hats work (1:00)
The importance of cyber security is an issue discussed on the programme Challenge Tomorrow on Sunday (March 19).
Just how crippling a cyber-attack can be, was seen on a country-wide scale in 2007 when Estonia – the birthplace of Skype, and one of the most digitally advanced nations in the world where people can vote and register births online – fell victim.
Mr Jaak Aviksoo, who had just taken office as Estonia’s minister of defence, recalls that day. He’d tried to access a government ministry website and there was nothing. He then checked other websites – but they all displayed the same error message.
“The electronic banking was not working, two major banks had black screens, and news agencies were down… It became clear that was not an occasional occurrence,” he said.
Indeed it wasn’t. Estonia had just experienced the world’s first nation-wide cyber-attack. While there was no physical damage, psychologically, people felt under attack, noted Anto Veldre, an analyst at the Estonian Information System Authority.
“When the Internet is out for five days, you cannot do anything because all your money is in the bank and you have no cash,” he said.
The attack highlighted the vulnerability of a digitally-connected nation and triggered a scramble among countries to reconsider cyber security.
And to wage this defensive cyber-war, organisations and governments are turning to white hats.
Mr Tim Medin, an instructor with SANS Institute - a US-based information security organisation that trains government and civilian employees – said: “At the surface level, they (the white hats) are bad guys because they’re breaking all the software. But they’re breaking absolutely everything to get their message out there that ‘Hey, there’s a problem, let’s fix it’.”
Mr Robert M Lee, another SANS Institute instructor, said organisations tend to focus on the hardware aspects when it comes to cyber security, which misses the point. “We’re talking about human threats targeting these pieces of infrastructure. So you have to put in human defenders,” he said.
SUTD’s Mr Toh said Singapore lacks talent in the cyber security industry, which is why SUTD is hosting workshops and competitions to promote the field.
“Kids are very closely connected to technology,” he said. “So we want to show them the importance of cyber security in their everyday life, and hopefully through these outreach programmes and workshops, we are able to get them interested and think of it as a viable career.”
This episode of Challenge Tomorrow airs Sunday, March 19, at 8pm (SG/HK).