According to BBC News, the UK government is developing laws that would require manufacturers to ensure their smart gadgets cannot be hacked and exploited via the internet. This is in the face of concerns that many internet-enabled devices lack basic security features. Under the proposed laws, manufacturers would have to:
- ensure all internet-enabled devices had a unique password
- provide a public point of contact so anyone could report a vulnerability
- state the minimum length of time a device would receive security updates
Jake Moore, Cybersecurity Expert at ESET:
“Confidence in the security of smart devices should come as standard so this new proposal can’t come soon enough. Long has there been a standoff between security professionals and manufacturers battling it out over the protection of customers and their gadgets, so if the government muscle in on the action it could just be the answer we have been fighting for.
Unique passwords are more important than most people tend to realise, so this simple yet effective ‘security by design’ move will add an instant layer of protection without the user having to think. Security doesn’t have to be difficult, but it is far more successful when the user is obliged to protected themselves by design. However, this is no doubt the end of the matter as cyber security is a never-ending battle against persistent threat actors. If this new law is constantly monitored and updated, this could be an extremely positive movement in the right direction.”
(1)
Article Link: http://digitalforensicsmagazine.com/blogs/?p=3003