Team Blitz India
Consumer protection against hacking and cyberattacks came into effect in the UK on April 29 as all internet connected smart devices will now be required by law to meet minimum-security standards. Manufacturers will be legally required to protect consumers from hackers and cyber criminals from accessing devices with internet or network connectivity, according to an official release.
Such devices include smartphones, games consoles, and even connected fridges, among others, said a statement from the Department for Science, Innovation and Technology, National Cyber Security Centre, and Office for Product Safety and Standards. The UK thus becomes the first country in the world to introduce these laws, the release added.
Under the new regime, manufacturers will be banned from having weak, easily guessable default passwords like ‘admin’ or ‘12345’ and if there is a common password the user will be prompted to change it on start-up. This will help prevent threats like the damaging Mirai attack in 2016 which saw 300,000 smart products compromised due to weak security features. All major internet platforms and services were targeted in this attack, leaving much of the US East Coast without internet.
Since then, similar attacks have occurred on UK banks including Lloyds and RBS leading to disruption to customers. The move marks a significant step towards boosting the UK’s resilience towards cyber-crime, as recent figures show 99 per cent of UK adults own at least one smart device and UK households own an average of nine connected devices. The new regime will also help give customers confidence in buying and using products, which will in turn help grow businesses and the economy.
An investigation conducted by ‘Which?’ showed that a home filled with smart devices could be exposed to more than 12,000 hacking attacks from across the world in a single week, with a total of 2,684 attempts to guess weak default passwords on just five devices.
