Carl Court/Getty Images
show image

NCSC reveals three tips for protecting connected devices

British security officials have issued new guidance to help consumers bolster the security of internet-connected devices.

The National Cyber Security Centre (NCSC) revealed three tips on Tuesday (3 March) for protecting devices such as smart cameras and baby monitors.

In a statement it said:

  • “If your camera comes with a default password, change it to a secure one – connecting three random words which you’ll remember is a good way to do this. You can usually change your password using the app you use to manage the device.
  • “Keep your camera secure by regularly updating security software. Not only does this keep your devices secure, but often adds new features and other improvements.
  • “If you do not use the feature that lets you remotely access the camera from the internet, it is recommended you disable it.”

The guidance comes amid a spate of attacks on connected devices. Around half a million passwords for servers, routers and “smart” gadgets were leaked in January, and there have been a number of recent reports of vulnerabilities in connected toys and other similar products.

Last month, the UK government announced plans to ban default passwords from connected devices. It has also pledged to mandate manufacturers to provide a point of contact to receive reports of vulnerabilities.

Writing for NS Tech at the time, the digital minister, Matt Warman, said: “Research suggests by 2025 there will be 75 billion internet connected devices in homes around the world. However, the current security standards of many of these devices are low and the security and privacy risks are too great.”

Caroline Normand, director of advocacy at Which?, said that until the new laws come into effect, “it is vital that consumers research smart device purchases carefully, and follow guidance to ensure their devices are protected by strong passwords and receiving regular security updates to reduce the risk of hackers exploiting vulnerabilities.”

Why the UK is banning default passwords in IoT devices