The UK government has in place what it calls the "world's first laws" to protect its people and businesses from cyberattacks and hacking by putting in place minimum security standards for all internet connected smart devices.
Manufacturers will have to publish contact details so bugs and issues can be reported and dealt with, and retailers will be required to be open with consumers on the minimum time they can expect to receive important security updates. Weak default passwords such as “admin” or “12345” will not be allowed.
Shared password users will be prompted to change it regularly.
According to an investigation conducted by Which?, a consumer group, UK homes were filled with smart devices that could be exposed to more than 12,000 hacking attacks from across the world in a single week, with a total of 2,684 attempts to guess weak default passwords on just five devices, PTI reported.
“From today, consumers will have greater peace of mind that their smart devices are protected from cyber criminals, as we introduce world first laws that will make sure their personal privacy, data and finances are safe,” said UK Minister for AI and Intellectual Property Vicount Camrose Jonathan Berry.
Under the new legal requirement, manufacturers must protect consumers from hackers and cyber criminals trying to to access devices with internet or network connectivity – from smartphones to games consoles and connected fridges, the UK’s Department for Science, Innovation and Technology said.
The new laws are part of the British government’s GBP 2.6-billion National Cyber Strategy to protect and promote Britain online, it added.
The government said the new laws are coming into force as part of the Product Security and Telecommunications Infrastructure regime, which has been designed to improve the UK’s resilience from cyber-attacks and ensure malign interference does not impact the wider UK and global economy.