Protecting UK Residents from Cyber Attacks
Innovative plans to protect people from being hacked, include:
- Manufacturers (e.g. Apple, Google, Samsung) to disclose the end of security updates for many devices (e.g. smartphones, smart speakers).
- The introduction of a new law will ban ‘easy-to-guess default passwords‘ on almost all devices.
- New rules will simplify the process of reporting software bugs – often exploited by malicious hackers.
The introduction of groundbreaking cyber security laws to protect smart devices and reduce the number of cyber attacks has one key takeaway. You can visit Sapphire to learn more about it.
Manufacturers of popular smart devices, such as smartphones, smart watches, digital doorbells, cameras, TVs, and speakers, will need to give advance warning of how long they will guarantee vital security updates for their products.
Unfortunately, even one vulnerable device can put the complete network at risk. As a result, hostile groups can access webcams when they detect poor security features.
So, how will the new cyber security laws for smart devices counter this threat? In essence, they will ensure that almost all smart devices meet new requirements, by:
- Banning manufacturers from using so-called ‘universal default passwords’. Typical examples include the word ‘admin’ or ‘password’. Hackers and scammers find these easy to guess when preset in the factory settings of a device.
- Having to inform customers at the POS (point of sale) about the duration of time for which that particular smart device will receive security software updates.
- Requiring manufacturers to provide a public POC (point of contact). Doing so will make it simpler for their customers to report a vulnerability.
Note: Research from Which? consumer group found three in ten people had kept their last phone for about four (4) years. This leaves them vulnerable because some brands offer security updates for only two years after the purchase date.
National Cyber Security Centre Guidance
NCSC guidance has further details about using smart devices safely in your home. It explains the importance of changing default passwords and how to reduce the likelihood of cyber criminals stealing your data.
The Digital Infrastructure Minister provided further comments, and said:
- The changes in cyber security laws will help to ensure shoppers understand how long vital security updates will support their products.
- It is well known that hackers like to steal data from our phones and smart devices. Yet, many of them are still running on old or outdated software that contain “holes” in the security systems.
- Reforms backed by worldwide tech associations will target the malicious efforts of online criminals.
In a nutshell, performing regular security updates on smart devices is a critical tool. It helps to protect us against cyber criminals who are constantly trying to hack them.
Code of Practice for Consumer IoT Security
We are connecting more and more home-based devices to the internet. Many are products and appliances that have traditionally been offline. But, they are rapidly becoming part of the ‘Internet of Things’ (IoT).
The new cybersecurity laws build on world-leading work already achieved by the government. It is boosting the security of smart devices and includes a code of practice for device manufacturers.
Important: You can read more about the Code of Practice for Consumer Internet of Things (IoT) Security on the GOV.UK website.