Japan plans to hack into millions of its citizens’ connected devices

The Japanese government will try to hack into internet-connected devices in homes and offices around the country starting from next month as part of efforts to improve cybersecurity, NHK World-Japan reports.

First of its kind: The program, which could last for up to five years, was approved on Friday. It will be conducted by Japan’s National Institute of Information and Communications Technology (NICT). From mid-February, the institute will use default passwords and password dictionaries to try to break into about 200 million devices, starting with webcams and routers. When they successfully gain access to a device, the owner will be contacted and advised to improve security measures.

Olympic link: The survey is part of efforts to improve cybersecurity in the run-up to the Tokyo Olympics in 2020, according to a communications ministry official.

Controversy: There’s some logic for this project. So-called “internet of things” devices notoriously tend to have poor built-in security. NICT found IoT devices were targeted in 54% of cyberattacks it detected in 2017. However, it raises an awful lot of questions. There’s no way to compel people to act on the information once uncovered. Why not just prompt Japanese citizens to change their passwords, without trying to hack them first? And what will the institute do with all the data it collects? There’s a risk that creating a big database identifying devices that are not properly secured could present a huge honeypot for hackers itself.

This story first appeared in our newsletter The Download. Sign up here to get your daily dose of the latest in emerging tech.