A new law announced this week aims to protect millions of users from cybersecurity vulnerabilities in consumer IoT devices
With the sale of connected devices on the rise, the UK Government has set forth a law which seeks to safeguard consumers from malicious attacks.
The UK Government said that it takes consumer IoT security “very seriously”, adding that they recognise the need to shift the responsibility away from the consumer, ensuring that manufacturers build robust cybersecurity features into the products by design.
Digital Minister Matt Warman said: “Our new law will hold firms manufacturing and selling internet-connected devices to account and stop hackers threatening people’s privacy and safety.”
Research has shown that there will be 75 billion connected devices in homes across the world by 2025. Many devices have been found to have less than adequate security.
In 2018, McAfee exposed a vital flaw in Belkin’s smart, internet-connected Wemo plug. It might seem benign, a simple smart plug, but finding the weakest point of entry from which to launch an attack on more sophisticated devices is just one way a cyber attacker can exploit vulnerabilities.
“Smart technology is increasingly central to the way we live our lives,” said Nicola Hudson, Policy and Communications Director at the National Cyber Security Centre, “so the development of this legislation to ensure that we are better protected is hugely welcomed.
“It will give shoppers increased peace of mind that the technology they are bringing into their homes is safe, and that issues such as pre-set passwords and sudden discontinuation of security updates are a thing of the past.”
The UK Government said that they aim to make their measures implementable by industry while still supporting the growth of IoT. They are now working with international organisations to ensure that their guidelines form part of a global standard for IoT security.