Hackers invited to break into security robots, EV chargers, at DEF CON Singapore
Sign up now: Get ST's newsletters delivered to your inbox
Participants on the second day of the inaugural DEF CON Singapore at the Sands Expo and Convention Centre on April 29.
T PHOTO: JASON QUAH
- DEF CON Singapore gathered ethical hackers and experts to test public safety technologies, aiming to bolster Singapore's systems for real-world operations.
- Attendees demonstrated critical vulnerabilities in common EV chargers, highlighting severe real-world risks like remote disabling or controlling vehicle systems.
- The inaugural event, backed by HTX, is seen as a turning point for Singapore's cybersecurity scene, promoting ethical hacking to fortify systems.
AI generated
SINGAPORE - A car dashboard’s speedometer is going wild at the behest of hackers.
Medical devices are being taken apart and reprogrammed.
Hundreds of other hackers break into everything from physical padlocks to security patrol robots.
These were the scenes on April 29, the second day of the inaugural DEF CON Singapore, a convention that brought together ethical hackers and cybersecurity experts from around the world.
There was talk that undercover intelligence agents were in attendance too, looking to recruit talent.
The organisers said the idea behind the hacker convention is to have Singapore’s own technologies scrutinised by the global cybersecurity community so they can be made more robust for real-world operations.
It is being held alongside the Milipol TechX Summit (MTX) 2026 at the Sands Expo and Convention Centre from April 28 to 30.
MTX is jointly organised by the Home Team Science and Technology Agency (HTX), Civipol, TechX Ventures and events company Comexposium, and is supported by Singapore’s Ministry of Home Affairs and France’s Ministry of the Interior.
While MTX brings together government, industry and academia to showcase the latest public safety technologies, DEF CON Singapore brings together hackers and cybersecurity experts to test and challenge such systems.
A console from a car with the words “hacked by” seen at the Car Hacking Village at DEF CON Singapore at Sands Expo and Convention Centre on April 28.
ST PHOTO: MARK CHEONG
A prime example on the convention floor was a security patrol robot by ST Engineering.
It was placed on display with an open invitation to hack it.
Initially, the challenge proved too steep.
Mr Kevin Seow, a member of the patrol robot product team from ST Engineering, said the robot was already heavily field-tested and highly secure.
To give attendees a fighting chance at hacking into it, he had to intentionally introduce vulnerabilities, and even then, none who tried were entirely successful.
Mr Seow said: “They were able to complete a part of the challenges, but they weren’t able to hack into it. If someone actually does, then we know they are truly talented.
“If we can find such people, we would want them to join us.”
However, hackers across the hall were successfully breaching systems used by the general public.
Ms Alina Tan, 33, co-founder of cybersecurity consultancy HE&T Security Labs, showcased an electric vehicle (EV) charger her firm bought online – and hacked in just two weeks, gaining the ability to alter its voltage or disable it entirely.
Ms Tan said it was important to proactively address cybersecurity concerns even as EV infrastructure continues to evolve.
She added if this was not fixed, such gaps could potentially be used by bad actors to disrupt services.
“There are increasing areas of connectivity in modern vehicles and their supporting infrastructure that require careful security consideration,” she said.
“This includes components such as critical vehicle systems and infotainment platforms.”
Her team has already provided feedback to the charger’s manufacturer on the vulnerabilities found.
This is a core goal of the ethical hacking community – to break into systems to prevent bad actors from exploiting them.
The Car Hacking village at DEF CON Singapore at Sands Expo and Convention Centre on April 28.
ST PHOTO: MARK CHEONG
Running annually in Las Vegas since 1993, DEF CON has built a reputation on community, creativity, and a healthy dose of mischief.
Founder Jeff Moss noted that DEF CON stands apart from traditional corporate cybersecurity conferences.
“We’re more about the joy of discovery, unexpected results, and getting your hands on something you would normally never get your hands on,” he said.
DEF CON attendees are notorious for playing pranks, such as compromising the devices of anyone careless enough to plug in a stray USB drive or connect to an unsecured network.
That spirit of mischief appeared to be alive and well even in the Singapore chapter, with a poster near the entrance touting free Wi-Fi alongside a note to use it with caution.
Mr Moss said he had been wanting to bring the convention to Singapore due to the nation’s high interest in technology and strong rule of law.
With backing from HTX, the vision finally became a reality.
Security researcher Eugene Lim, 31, said he hopes DEF CON Singapore becomes a permanent fixture.
“It’s a really fun event, and a good opportunity for more Singaporeans to be exposed to hacking and cybersecurity,” said Mr Lim, who is one of Singapore’s top bounty hunters, or ethical hackers who get paid to identify vulnerabilities in systems and inform companies to fix them.
The man, widely known in the community by his online handle Spaceracoon, added: “It also shows them that hacking is not just about sitting behind a computer, and not everyone in the community is just a hacker in a hoodie.”
