New rules for smart devices proposed to help prevent cyber-attacks
Smart devices such as televisions, toys and smart home speakers will be expected to include new, strong security features to keep them safe from hackers, the Government has said.
The Department for Digital, Culture, Media and Sport (DCMS) has announced a Security By Design review which includes guidelines and a new code of practice from manufacturers on how to improve the cyber-security of internet-connected devices.
Smart devices such as internet-connected speakers and televisions have become increasingly popular with consumers, with analysts estimating more than 420 million connected devices will be in UK homes by 2020.
However, a report last year by the National Crime Agency (NCA) warned that the rise of such devices would make them a more appealing target for cyber criminals seeking to hold users to ransom over their personal data.
In an attempt to improve security across the industry, the DCMS said it has worked with manufacturers, retailers and the National Cyber Security Centre to create the new guidelines.
These will encourage firms to ensure all passwords on new devices cannot be reset to a factory default, and encrypting all “sensitive data” which is transmitted over apps or devices.
Minister for digital and the creative industries Margot James said: “We want everyone to benefit from the huge potential of internet-connected devices and it is important they are safe and have a positive impact on people’s lives.
“We have worked alongside industry to develop a tough new set of rules so strong security measures are built into everyday technology from the moment it is developed.
“This will help ensure that we have the right rules and frameworks in place to protect individuals and that the UK continues to be a world-leading, innovation-friendly digital economy.”
The guidelines also call for tech firms to ensure they have a vulnerability policy and a public contact for security researchers and others to report issues, as well as rolling out regular and automatic software updates.
The Security By Design review also proposes developing a new product-labelling system to help make consumers aware of a product’s safety features before purchase.
Alex Neill, managing director of home products and services at consumer watchdog Which?, said: “With connected devices becoming increasingly popular, it’s vital that consumers are not exposed to the risk of cyber-attacks through products that are left vulnerable through manufacturers’ poor design and production.
“Companies must ensure that the safety of their customers is the absolute priority when ‘smart’ products are designed. If strong security standards are not already in place when these products hit the shelves, then they should not be sold.”
The initiative is part of the Government’s National Cyber Security Strategy, to which £1.9 billion has been pledged to make the UK the “most secure place in the world to live and do business online”.