Measures to Protect Users against Security Flaws of Wi-fi Devices and Services

14 Dr Chia Shi-Lu asked the Minister for Communications and Information regarding the security flaws which place wi-fi devices at risk (a) what is the impact on our free public wi-fi service Wireless@SG; and (b) what measures are being taken to protect users.

Assoc Prof Dr Yaacob Ibrahim: The Infocomm Media Development Authority (IMDA) works closely with its appointed telecom service providers to ensure the security of the Wireless@SG public wi-fi network.

IMDA, as the programme owner, ensures that the Wireless@SG operators adhere to the stipulated standards on identity management, login and security. Its appointed telecom service operators – M1, Singtel, StarHub, Y5ZONE and MyRepublic – are responsible for the network design and implementation.

In terms of security, the Wireless@SG operators are required to ensure that their infrastructure meets international best practices, for example, the Open Web Applications Security Project. Depending on the vulnerabilities found, all operators will work closely with IMDA and the relevant authorities to address them promptly, such as implementing patches released by the manufacturers and disabling vulnerable components.

Nevertheless, users are encouraged to be vigilant when they access public wi-fi networks. Users should choose password protected and encrypted hotspots, for example, Wireless@SG, over those that are not. Users should also consider using encrypted channels, such as Virtual Private Network (VPN) and the Hypertext Transfer Protocol Secure (HTTPS), when processing personal or sensitive information. For safe surfing tips, users can refer to the Cyber Security Agency's GoSafeOnline website at https//www.csa.gov.sg/gosafeonline.