British government to introduce law to secure IoT in three strong measures

[ad_1]

At the dawn of Brexit, which will take place this Friday, January 31, 2020 in the evening, the United Kingdom is working hard on cybersecurity. While the country has said it intends not to completely exclude the Chinese telecoms giant Huawei from its 5G networks, it is now preparing to pass a law dedicated to securing smart health connected consumer devices. Its goal: to impose on manufacturers the implementation of protections, from the design of their product and throughout its life.

THREE MAIN MEASURES

At the request of the Ministry of Digital Affairs, Culture, Media and Sport, the British National Cybersecurity Center has made various proposals for practices aimed at strengthening the level of protection. Some of them were already encouraged, but subjected to the goodwill of the actors of the sector. Authorities say they have consulted industry extensively as part of the move, and welcome the compromise reached. "This new law holds industry and resellers responsible for the fight against piracy, which threatens the privacy and security of people", said Matt Warman, Undersecretary of State for Digital and Broadband.

In fact, a manufacturer will have to follow three new rules in the future to obtain authorization to market smart health connected devices on the British market. First, such a device should have a unique password – restoring the factory settings will therefore be impossible. Manufacturers will also have to give consumers a way to contact them in order to report a potential vulnerability. They will also be required to tell them, at the time of purchase, the minimum time that a product will continue to receive updates. In early December, the FBI pointed out the role of these various factors in the current phenomenon of the proliferation of hacks.

 "These measures will reassure consumers about the safety of the objects they bring into their homes and will make bad practices a thing of the past"said Nicola Hudson, director of policy and communications at the National Cybersecurity Center. The IoT is under fire from critics because it is considered insecure. Hacking cases have increased in recent months, with the criminal most often seeking to conduct distributed denial of service (DDoS) attacks – which aim to make a service or hardware unavailable by saturating it with connection requests. Even more alarming, smart health connected objects serve as a gateway to the networks and systems they embark on. Threats that are critical to users.

[ad_2]