The Japanese Government Begins Testing the Security of Nationwide IoT Devices

Click

Subscribe to the “IEEE Electrical and Electronics Engineers Society” by clicking above. Stay updated on global technological advancements and open your mind for research and entrepreneurship.

The Japanese Government Begins Testing the Security of Nationwide IoT Devices

Illustration Source:iStockphoto

Since February 20, the National Institute of Information and Communications Technology (NICT) in Japan has begun testing the security of IoT devices owned by citizens and businesses. As part of a nationwide cybersecurity experiment that will conclude in 2022, the agency will attempt to log into potentially millions of IoT devices across the country using default and easily guessable password credentials without notifying the device owners.

The project will be conducted in collaboration with the country’s major Internet Service Providers (ISPs). Its goal is to eliminate IoT devices with weak security. Subsequently, ISPs will warn device owners that their devices are vulnerable to cyberattacks.

The Japanese government noted in a cybersecurity article published in 2015 (https://www.nisc.go.jp/eng/pdf/cs-strategy-en.pdf) that poor IoT security poses a threat to national security. With the upcoming 2020 Summer Olympics in Tokyo, the world’s attention will soon focus on Japan, placing the country’s ability to host a secure Olympics under international scrutiny.

Therefore, the government proposed the NICT IoT Security Testing Project to proactively address security issues. The project is officially named “National Operation Towards IoT Clean Environment” (NOTICE). It is authorized by Japan’s Ministry of Internal Affairs and Communications.

Hiroyuki Sato, an associate professor at the University of Tokyo’s Information Technology Center, stated that while he understands the motivation behind this testing, the initiative has not been conducted with public consent.

Sato pointed out that last year the government had to amend existing NICT regulations, known as the NICT Law, to avoid conflicts with general legal provisions prohibiting unauthorized computer access. He said: “This indicates that there are still several civil rights issues related to this device testing. I am concerned that the government’s decision is hasty.”

He also mentioned that the government could have better explained to the public and businesses how the collected data would enhance security or whether this data would be used for other purposes.

“The explanations provided so far are insufficient,” Sato said. “This is an extremely common management approach in Japan. More detailed explanations are necessary.”

To assure the public that NOTICE will not lead to privacy breaches, NICT released a press release on February 1, explaining that “the purpose of the investigation is to check whether the passwords set for each IoT device are easily guessable (e.g., 123456, 00000000, etc.).”

The announcement stated that there would be no intrusion into devices or acquisition of “information beyond what is necessary for the investigation. The information obtained from the investigation will be strictly controlled according to the NICT work execution plan approved by the Minister of Internal Affairs and Communications.”

Sato does not doubt NICT’s ability to properly execute NOTICE. He stated that NICT has extensive experience in conducting IT testing and investigations. He also believes that such testing is essential for ISPs to understand their network security status. However, he does question how much impact the actual testing results will have. He said that when ordinary people are informed that their devices are vulnerable, they do not know how to respond.

He said: “Most people do not know the account information for old devices and do not know how to patch any security vulnerabilities. Therefore, I expect the enhancement of security to be limited.”

He believes a better approach would be for ISPs to conduct less invasive testing before the NOTICE tests. He said this would better prepare the nation for NICT’s invasive project.

Looking ahead, Sato hopes that ISPs will update their firmware to help strengthen network security. He believes that the government will strongly recommend that device manufacturers take security responsibility when releasing new models.

Meanwhile, others in the IT world will be keenly interested in the progress of NOTICE and how users of affected devices will react.

The Japanese Government Begins Testing the Security of Nationwide IoT Devices

Click

Read the original text

For more details

Related posts

  1. Battery-Free NB-IoT and LoRa: New Opportunities for LPWAN!
  2. Must-See! 5G and NB-IoT Network Optimization Exam Questions from a Certain Operator
  3. Analysis of the Current State of Chinese Chips
  4. What is In-Car Data Usage? Is Your In-Car Data Sufficient?
  5. AI Robots and Teachers: Breaking Boundaries in English Education with the “Dual Teacher” Classroom
  6. Current Applications of Underwater Robots in Fisheries
  7. Comprehensive Information Summary of 50 Domestic MCU Manufacturers
  8. Texas Instruments Supports Bitcoin Mining Machine Power Supply
  9. Development of Artificial Intelligence and Intelligent Computing
  10. Latest Domestic MCU Chip Manufacturers’ Business Performance Comparison
  11. Asymmetric Encryption Algorithms in Blockchain (RSA, ECDSA, ElGamal, Diffie-Hellman, etc.)
  12. Telechips, a South Korean Unicorn, Offers Unique Solutions for Smart Car Chips
  13. Jihai Semiconductor: The World’s First Real-Time Control MCU Based on Cortex-M52 – G32R501
  14. Performance Testing of the Zhi Yu ‘Feng Su·Jin’ Series SD Cards
  15. Breaking! Production Halt! Fire at Renesas 12-Inch Production Line Exacerbates Chip Supply Crisis
  16. Tianjin University Develops 3D Printed Soft Robots for Artificial Muscles
  17. Analyzing China’s Position in the Global Semiconductor Landscape
  18. Advancements in AI and Robotics Technology (April 14-20)
  19. How Flex and BMW Address ECU Validation Challenges

Leave a Comment