Techniques that use weak passwords such as ‘admin’ or ‘12345’ are set to be banned in the UK under new legislation that requires all smart devices to meet minimum security standards.
The Department of Science, Innovation and Technology announced that measures to protect consumers from hacking and cyber-attacks will come into force on Monday.
This means, among other things, that manufacturers of phones, televisions and smart doorbells are legally required to protect internet-connected devices from access by cybercriminals, and that users are required to change their common passwords. means.
Brands should make their contact details publicly available so people can report bugs and issues, and be transparent about the timing of security updates.
It is hoped that the new measures will help customers buy and use products with confidence as consumers and businesses come under attack from hackers at a rapidly increasing rate.
Consumer Champion Which? He said he had been instrumental in driving the new measures and welcomed the changes.
Rocio Concha, director of policy and advocacy at Which?, said: [Office for Product Safety and Standards] Companies must provide clear guidance to the industry and be prepared to take strong enforcement action if manufacturers break the law, but they must also ensure that smart device brands are close to their customers from day one and ensure that shoppers We also hope to make it easier for users to find information about the lifespan of their devices. You can make a supported and informed purchase. ”
Jonathan Berry, Minister for Science and Technology, said: “As our daily lives become increasingly dependent on connected devices, the threats generated by the Internet will grow and become even greater.
“Starting today, consumers can have peace of mind that their smart devices are protected from cybercrime by introducing world-first legislation to ensure personal privacy, data and financial security. We are committed to making the UK the safest online environment in the world and these new regulations mark a huge leap forward towards a safer digital world.”
The legislation is being implemented as part of the Product Security and Telecommunications Infrastructure (PSTI) regime, which aims to strengthen the UK’s resilience to cybercrime.
