 Posted by Georgia Sweeting: The laws will force device manufacturers to implement minimum security standards into devices: The UK government has announced that new laws have come into force today aimed at better protecting consumers from hacking and cyber-attacks. The legislation, a collaborative effort between the Department for Science, Innovation and Technology, the National Cyber Security Centre, and the Office for Product Safety and Standards, among others, rules that internet-connected smart devices must adhere to newly enhanced minimum-security standards. Most notably, these new regulations prohibit easily guessable default passwords such as ‘password’ or ‘12345’ and will prompt users to change common passwords upon device activation. A 2021 investigation by Which? Found that homes with smart devices could be exposed to as many as 12,000 hacking attackers per week. The average UK household contains nine connected devices, a number expected to soar over the coming decade. The new law forms part of the Product Security and Telecommunications Infrastructure regime, which is designed to improve the UK’s resilience to cyber-attacks such as the Mirai malware attack in 2016, which attacked 300,000 relatively insecure IoT devices and ultimately left much of the US East coast without internet. “As every-day life becomes increasingly dependent on connected devices, the threats generated by the internet multiply and become even greater,” said Minister for Cyber, Viscount Camrose in the announcement’s press release. “From today, consumers will have greater peace of mind that their smart devices are protected from cyber criminals, as we introduce world first laws that will make sure their personal privacy, data and finances are safe,” he continued. Starting today, all manufacturers of UK smart products will have to comply with the regulations. Find the full details of the act here. UK government introduces new laws in cyber-attack crackdown | Total Telecom |
