Europe, UK (Commonwealth Union) – New regulations aimed at safeguarding consumers against hacking and cyber-attacks are set to go into effect today. These regulations mandate that all internet-connected smart devices must adhere to minimum-security standards by law. The UK will lead the charge as the first country to implement such laws.
Manufacturers will now be legally obligated to shield consumers from potential hackers and cybercriminals attempting to exploit devices with internet or network connectivity. This requirement extends across a wide spectrum of devices, ranging from smartphones to gaming consoles and even connected refrigerators.
Under these new guidelines, manufacturers are prohibited from utilizing weak, easily guessable default passwords such as ‘admin’ or ‘12345’. Instead, users will be prompted to change any common passwords upon device startup. This proactive measure is aimed at preventing incidents similar to the notorious Mirai attack of 2016, where 300,000 vulnerable smart devices were compromised due to inadequate security measures. The government pointed out that these compromised devices were subsequently weaponized to launch attacks on major internet platforms and services, resulting in widespread disruption, including internet outages along the US East Coast.
In the wake of such incidents, the UK has also witnessed cyber-attacks targeting banks like Lloyds and RBS, causing significant disruptions for customers. According to the government these new regulations represent a crucial step towards fortifying cybersecurity measures and safeguarding consumers against emerging digital threats.
Minister for Cyber, Viscount Camrose says “As every-day life becomes increasingly dependent on connected devices, the threats generated by the internet multiply and become even greater.”
With smart TVs in 57 percent of households, voice assistants in 53 percent, and smart watches or fitness wristbands in 49 percent, this new regime underlines the government’s dedication to confronting these societal and economic challenges directly. The legislation is being implemented as a component of the Product Security and Telecommunications Infrastructure (PSTI) regime, aimed at enhancing the UK’s cybersecurity resilience and safeguarding against malicious interference that could affect both the UK and global economy.
