Scenes of machines rising up in force to destroy the world from the movie Terminator 3 became a fleeting reality this week.

That was when StarHub revealed on Wednesday that the two waves of cyber attacks that brought down Internet surfing on its broadband network last Saturday and on Monday - a first for telcos in Singapore - came from its customers' "zombie machines".

They were infected with malware, which directed them to overwhelm StarHub's systems in what is known as a distributed denial-of-service (DDoS) attack. The users would have had no clue this was happening in the background.

The truth is that "smart" Internet-connected devices such as speakers, routers and webcams are easy targets for hackers.

They have default credentials and passwords that users rarely change, and can easily be hacked into.

There is also no regulation on how these devices should be secured.

It is uncanny that the two attacks on StarHub came on the heels of a similar DDoS attack last Friday on US-based DNS service provider Dyn. A piece of malware called Mirai reportedly infected traffic cameras, which were used to take down Dyn's DNS, or domain name system.

PwC Singapore's Asia-Pacific cyber and financial crime leader Vincent Loy said: "As the prevalence of the Internet of things increases, the ability to use these equipment as a weapon increases."

The industry needs to decide how to standardise and mandate how the devices should be secured.

A 2016 Ericsson Mobility Report predicted that these "smart" appliances and devices will reach 15.7 billion in 2018, exceeding the total number of mobile phones and computers, which are estimated to be 10.4 billion combined.

This means that home users have a huge part to play in cyber security. The least they can do is to set challenging passwords for their webcams and routers.