New legislation aimed at safeguarding consumers from hacking and cyber-attacks on smart devices has been implemented in the UK.
Any device that connects to the internet, ranging from smart phones and TVs to watches and voice assistants, is now required to meet minimum security standards mandated by law.
Under the new regulations, manufacturers are banned from using easily guessable default passwords, which are exploited by cyber criminals and often available on the internet. Leading Dorset-headquartered cyber-security company C3IA Solutions welcomes these regulations.
Lucy Dalley, Security Consultant at C3IA, emphasised the significance of the laws. She said:
“These regulations are a great first step in protecting consumers and businesses against cyber-attacks because effective security measures will already be implemented before the device is in the hands of the user."
“As an NCSC-assured consultancy, C3IA recognises the importance of supply chain security to protect consumers and suppliers from falling victim to cyber-attacks. Cyber criminals still rely on human error as the most successful route in, so by increasing the security within your supply chain, it can help to reduce the risk of exposure to cyber-attack."
“With 99 per cent of UK adults owning at least one smart device, the potential impact of cyber-attacks is significant. Smart devices are not only vulnerable to data breaches; if they have a camera or microphone, users are at risk of being spied on.”
Recent research conducted by Which? underscored the vulnerability of smart devices, revealing that a home filled with them could be exposed to more than 12,000 hacking attacks from across the world in a single week.
Lucy added: “Cyber-attacks are becoming more sophisticated and damaging. Smart devices have revolutionised the way we live and work, but many users are unaware of how vulnerable they are."
“The implementation of these laws is a significant step forward in addressing cyber-security concerns surrounding smart devices. However, continued vigilance and proactive measures are essential in safeguarding against evolving cyber-threats."
“The legislation only applies to new devices and it is only a first step in terms of cyber-protection."
“We still very much advise that people ensure their devices are as secure as possible by the use of firewalls and anti-virus software, and businesses should have a minimum protection of Cyber Essentials in place.”