Lack of security features in design of tech equipment: Forum
A warning screen from a ransomware attack. Experts warned that there would be more global cyber attacks on critical infrastructure in the future. Photo: Singapore Cyber Security Enthusiasts Facebook page
SINGAPORE — Last month’s WannaCry cyber attack, which wreaked havoc around the world, has helped to increase global awareness of the ransomware worm, said a Dutch expert during an Interpol roundtable on Thursday (June 8).
“The world is now aware that this is a global issue, especially given Internet of Things (IoT) developments,” said Dr Mark van Staalduinen, an innovation manager at the Netherlands Organisation for Applied Scientific Research (TNO), during the session held at the Interpol’s Global Complex for Innovation at Napier Road.
Other panellists at the session were Dr Damien Cheong, a research fellow at the S Rajaratnam School of International Studies, and Mr Derek Pak, vice-president of franchise integrity at Mastercard. While the IoT has led to technology being in-built into equipment, the designs of these equipment do not take into account security considerations, said Mr Vincent Loy, PwC’s Asia-Pacific financial crime & cyber leader, Singapore data & analytics leader, who moderated the session.
“They don’t have security by design because they’re very cheap. How do you ensure security by design when the consumer is looking for a product that is cheap and easy to use,” said Mr Loy.
Economies of scale would bring down technology costs over time, Dr Cheong said in response to Mr Loy’s remarks.
However, Dr Cheong also acknowledged that businesses would prefer to launch products quickly for commercial reasons, and they deem security considerations as a hindrance, slowing down their work.
Mr Loy said: “Security is always a blocker. People don’t like to hear naysayers. And when companies talk about business, they think of technology as a back-end issue.”
He added that business managers would have to change their mindsets, and bring security experts on board during the early stages of design, and the public sector should take the lead in this aspect.
The panellists also highlighted the need for the public and private sectors to collaborate, given the increasing complexity of cyber crimes.
With more intelligence being shared, cyber trends could be spotted and pre-emptive steps could be taken, said Mr Loy.
Speaking to TODAY after the roundtable, Interpol Global Complex for Innovation executive director Noboru Nakatani stressed that there would be more global cyber attacks on critical national infrastructure in the future.
Such attacks are “only the beginning” he said, noting that the influx of smart technology into houses and vehicles could also lead to them to be targets of cyber attacks.
“I always wonder how we’re going to balance between sound economic growth and security. Some people say it’s the balance between freedom and security,” said Mr Nakatani.
Singapore, in its push to be a Smart Nation, has “one of the best practices around the world” in striking this balance, he added.
The WannaCry ransomware attacks crippled computer systems in over 100 countries. Ransomware is a type of malware — software that is harmful to a computer — that essentially takes over a computer and prevents users from accessing data on the computer until a ransom is paid.
