Enhanced security requirements for new home routers sold in Singapore
SINGAPORE – 12 OCT 2020
The Infocomm Media Development Authority (“IMDA”) today published enhanced security requirements for new home routers sold in Singapore.
The finalised Technical Specifications for Residential Gateways (“RG”), commonly known as home routers, take into account feedback from the public and industry, following an earlier consultation exercise. The Technical Specifications will come into effect in six months, on 13 April 2021. Home routers previously approved by IMDA can continue to be sold until 12 October 2021.
Home routers are often the first entry point for cyber-attacks targeting the public, as they form the key bridge between the Internet and residents’ home networks. In March 20201, IMDA announced its plan to set minimum security requirements for home routers, to provide a safer and more secure Internet experience for users, and to strengthen the resilience of Singapore’s telecommunications networks.
This proactive move comes against the backdrop of continued proliferation of networked intelligent devices in homes, such as web cameras and baby monitors, which has translated into higher risks of cyber-attacks that target such devices. Japan imposed similar requirements from April 2020 this year, while the United Kingdom has recently begun to evaluate such requirements.
While users do not need to change their existing home routers, they are encouraged to purchase those which are compliant with IMDA’s cybersecurity requirements when they next upgrade their devices. They are also advised to continue to upgrade their firmware regularly. Wi-Fi home routers which comply with IMDA’s specifications qualify for Level 1 of the Cyber Security Agency of Singapore’s Cybersecurity Labelling Scheme. Users can look out for the label to ensure that they purchase home routers that are secure and compliant.