The British government has introduced new legislation to protect smart devices in homes from being hacked.

Recent research from the consumer watchdog has found that homes filled with smart devices can experience more than 12,000 cyber attacks in a single week.

That is why default passwords (known passwords) for devices connected to the Internet will be blocked, and companies that fail to do so will face huge fines, and one expert said it was an important "first step".

Cybercriminals are increasingly targeting products from phones and smart TVs to internet-connected home speakers and dishwashers.

Hackers who gain access to a single vulnerable device can continue to gain access to entire home networks and steal personal data.

In 2017, for example, hackers stole American casino data by hacking into an internet-connected aquarium, according to the BBC.

There have also been reports of people accessing home webcams and talking to family members.

In one case, poor security on a home Wi-Fi router was behind the uploading of illegal child abuse images;

As a result, the police charged an innocent couple with the crime.

And while there are strict rules about protecting people from physical harm - such as overheating, sharp components or electric shock - there are no such rules for electronic breaches.

new rules

The Product Security and Communications Infrastructure Act establishes 3 new rules:

  • Easy-to-guess default passwords that are pre-programmed on devices are blocked.

    All products now require unique passwords that cannot be reset via restore to factory defaults.

  • Customers should be informed when purchasing a device of the minimum number of vital security patches and updates.

    If these updates are not obtained, or if the customer receives an unknown or out of date update request, he must report it immediately.

  •  Security researchers will be given a point of contact with companies to point out the flaws and errors discovered.

  • The new system will be overseen by a regulator who is appointed once the bill comes into effect, and will have the ability to impose a fine of up to £10m, or 4% of the company's global turnover, plus up to £20,000 a day for infractions. persistent.

    Internet-connected home devices are an easy way for hackers to hack into your home network if the default password isn't changed (Associated Press)

    The rules apply not only to makers of digital products, but also to companies selling cheap technology imports in the UK.

    The law covers a wide range of devices, such as smartphones, routers, security cameras, game consoles, home speakers, and Internet-enabled goods and games.

    But it does not include vehicles, smart meters, medical devices, and desktop and laptop computers as well.

    “Hackers are trying every day to break into people’s smart devices. Most of us assume that if a product is for sale from a well-known company, it is secure and does not need to change passwords. This leaves many of us at risk of fraud and theft,” said Julia Lopez, Minister of Information, Data and Digital Infrastructure.

    "The new violation will put a firewall around everyday technology from phones and thermostats to dishwashers, baby monitors and doorbells, and will impose hefty fines on those who break tough new safety standards," Lopez said.

    Ken Munro, from security firm Pen Test Partners, highlighted several vulnerabilities in internet-connected devices, telling the BBC the legislation was a "huge step in the right direction".

    "However, it is important for the government to acknowledge that this is only a first step," Munro said. "These laws will need continuous improvement to address the more complex security issues in smart devices."

    Monroe says it's important to apply the rules to online marketplaces where they have "frequently found products with security risks that are widely sold online."

    State piracy

    A separate piece of legislation that won royal approval last week - the Telecommunications (Security) Act - will give Ofcom new powers to monitor the security of telecom networks.

    It can issue fines of up to 10% of turnover or £100,000 a day for those who do not meet the criteria.

    The government described the new move as an "important step" to protect the UK from hostile activities, whether from government agencies or criminals.

    Over the past two years, the government has attributed a range of cyber attacks to Russia, China, North Korea, and Iran.

    Keywords: