The UK government has enacted new laws mandating minimum security standards for all internet-connected smart devices, effective immediately. These regulations aim to safeguard consumers and businesses from cyber attacks and hacking threats.
Under these regulations, manufacturers are prohibited from using weak default passwords like "admin" or "12345." Instead, users will be prompted to change default passwords upon device activation.
A recent investigation by the consumer group Which? revealed that a typical UK household with smart devices faced over 12,000 hacking attempts in a week, with nearly 2,684 attempts to breach weak default passwords on just five devices.
"From today, consumers will have greater peace of mind that their smart devices are protected from cyber criminals," stated UK minister for cyber, Jonathan Berry.
The Department for Science, Innovation, and Technology emphasised that these laws, which the government has dubbed as “world first”, require manufacturers to secure devices with internet or network connectivity, spanning from smartphones to connected fridges, against hackers and cyber threats.
The new regulations are part of the UK government's £2.6 billion National Cyber Strategy, aimed at enhancing online security.
"Our commitment to establishing the UK as the global standard for online safety takes a significant stride forward with these regulations," said UK Data and Digital Infrastructure Minister Julia Lopez.
These laws, part of the Product Security and Telecommunications Infrastructure regime, are designed to bolster the UK's resilience against cyber attacks and mitigate potential economic impacts from malicious interference.
Alongside password security measures, manufacturers must provide contact details for issue reporting, and retailers must disclose expected minimum timeframes for receiving crucial security updates.
(PTI)
