show image

Government calls on firms to beef up security for connected devices

The government is calling on manufacturers to embed tighter security measures into internet-connected devices, in a bid to stem the tide of cyber attacks on consumers.

Officials plan to work with industry to implement a new voluntary code of practice to boost the security of devices such as smart TVs, toys and speakers.

The move follows a string of high profile breaches, including the hacking of CCTV feeds and botnets exploiting thousands of smart devices. Margot James, the minister for digital and the creative industries, said internet-connected devices hold huge potential, but must be more rigorously secured.

“We have worked alongside industry to develop a tough new set of rules so strong security measures are built into everyday technology from the moment it is developed,” she said. “This will help ensure that we have the right rules and frameworks in place to protect individuals.”

The measures outlined in the government’s Secure by Design report, which was drawn up by the National Cyber Security Centre, include creating unique passwords for each device. Firms will also be encouraged to adopt a vulnerability policy and public point of contact for researchers.

The NCSC’s technical director Ian Levy said shoppers should be given high quality information before they make a purchase: “We manage it with fat content of food and this is the start of doing the same for the cyber security of technology products.”

The government’s preference is for the market to embrace the code, but the report warns that if it does not do so quickly, “we will look to make these guidelines compulsory through law”.

Mark Weir, Cisco’s director of cyber security, said the move was encouraging, but that it represented “only half the battle”. “Whilst the ‘Secure by Design’ initiative is a promising step in the right direction, we must not overlook the fundamental importance of securing our networks too.”