The Japanese government approved an amendment to allow government workers to hack into citizens’ internet of things (IoT) devices as part of efforts to improve cybersecurity ahead of the 2020 Tokyo Olympics.
Beginning next month, devices in people’s homes and offices will be subject to government scrutiny, whereby members of the National Institute of Information and Communications Technology will create usernames and passwords as they try to hack into upwards of 200 million devices, such as routers and webcams, according to NHK World.
According to a report from the Ministry of Internal Affairs and Communications Cyber-Security Office, two-thirds of the cyber attacks in Japan in 2016 targeted IoT devices. The heightened risk to connected devices at high-profile events like the Olympics has sparked a desire to mitigate risks with a heightened degree of urgency.
“IoT security is one of the greatest challenges we face today. IoT has gone unregulated and largely unsecured to date. That, paired with the sheer number and types of the devices being networked and connected to cloud interfaces and on-the-internet APIs and you have a perfect storm. A radical shift in approach is needed,” said Ashish Gupta, CEO, Bugcrowd.
“In Japan, which will soon be hit with an influx of visitors for the Olympic Games, the government has taken decisive action to make its citizens and visitors more secure. It’s not the first time a government has stepped in to help improve security for the country – this approach is similar to what Australia did with the hajime worm in 2017.
“While this is relatively novel to take this approach at this scale, many organizations take a similar approach – albeit on a smaller scale – and for good reason. Employee negligence when it comes to security is one of the biggest cybersecurity risks to businesses. Having a robust and proactive security posture is critical in today’s climate.”