Singapore tightens security requirements for new home routers

It’s hardly military-grade hardening, but it’s a good start. Time for other countries and ISPs to catch up..:

[…] In Singapore, the enhanced security requirements include randomised and unique login credentials for each device, minimum password strength, disabling system services and interfaces that are deemed to be vulnerable, default automatic downloads of firmware updates for security patches, secure authentication of access to the device’s management interface, and validation of data inputs to the device to safeguard against remote hacking.

Wi-Fi home routers that comply with IMDA’s specifications would also meet Level 1 of the Cybersecurity Labelling Scheme, which was recently introduced by the Cyber Security Agency of Singapore. Home routers, as well as smart home hubs, that are assessed to be secure and compliant will bear these labels.


Original Article