Measures to Mitigate Risks of Data Compromise via Public Charging Stations and Wifi Access Points
Ministry of TransportSpeakers
Summary
This question concerns the security of public charging stations and wifi access points at transport nodes to mitigate data compromise risks. Mr Yip Hon Weng asked about breach attempts and protective measures, prompting Minister for Transport Mr S Iswaran to state that no breaches have occurred. The Minister for Transport Mr S Iswaran explained that Wireless@SGx is encrypted and public USB ports have data transmission pins removed to prevent unauthorized data transfer. Security is maintained through daily staff inspections, CCTV monitoring, and signage at charging stations reminding users to practice good cyber hygiene. Public education also includes joint advisories from the Cyber Security Agency of Singapore and the Singapore Police Force regarding device protection from malicious connections.
Transcript
14 Mr Yip Hon Weng asked the Minister for Transport with the growing vulnerability of mobile devices and data being compromised via public charging stations and wifi access points (a) whether there have been any recorded attempts to breach such stations and points at our public transport nodes; (b) what measures are in place to secure these nodes to reduce the risk of compromise for users; and (c) whether the Ministry will implement public education measures, such as billboards at MRT stations, to remind users to take precautions to protect their devices and data.
The Minister for Transport (Mr S Iswaran): Madam, there have been no reported attempts to breach wifi access points or public charging stations at our public transport nodes.
Wi-fi access points at transport nodes operate via the Wireless@SGx network and comply with prevailing standards by the Infocomm Media Development Authority. Data transmitted via Wireless@SGx is encrypted. Charging stations, which are provided by public transport operators (PTOs), can only transmit power, and not data, to and from devices. Specifically, the USB ports in public transport nodes already have their data transmission pins removed. Only power transmission pins are present in the ports. The PTOs' staff can pick up signs of physical tampering through regular visual inspection and feedback from commuters. Closed-circuit television cameras can also detect and deter such attempts.
The charging stations are accompanied by signs reminding users to practise good cyber hygiene, such as using their own power plugs and cables. In addition, members of the public are encouraged to refer to the joint advisory by the Cyber Security Agency of Singapore and Singapore Police Force on 18 April 2023 on protecting mobile devices from malicious wireless and wired connections.
Mdm Deputy Speaker: Mr Yip Hon Weng.
Mr Yip Hon Weng (Yio Chu Kang): Thank you, Mdm Deputy Speaker. I just have a very short supplementary question. How often are the checks and inspections on these charging stations to ensure that they are not being tampered with or compromised on our public transport system?
Mr S Iswaran: I thank the Member for his question. The PTO staff conduct inspections of the various facilities, including the buses and the transport nodes, on a daily basis. As part of the protocol, this includes the charging points as well. So, it is not specifically just about these charging points for these USB ports; it is part of the larger regular inspection regime that they have and conduct. They are trained to pay particular attention to this, as I elaborated earlier.