UK announces new security rules for IoT devices

News
By published

Cybercriminals are targeting vulnerable connected devices

(Image credit: Shutterstock)

Under new laws proposed by the UK government, all internet-connected devices will be required to abide by a strict set of security standards.

The new measures are designed to protect consumers and businesses against an increasing volume of cyberattacks. IoT devices - ranging from phones and tablets to smart speakers and cameras - have become a popular target due to poor security standards and, in some cases, discontinued security support.

Beyond scraping information from devices and using them as a route into private networks, criminals can harness hacked IoT devices to perpetrate DDoS attacks and take down online services.

The proposed legislation would require those involved in the manufacture and sale of connected devices in the UK to follow three rules:

- All consumer internet-connected device passwords must be unique and not resettable to any universal factory setting

- Manufacturers of consumer IoT devices must provide a public point of contact so anyone can report a vulnerability and it will be acted on in a timely manner

- Manufacturers of consumer IoT devices must explicitly state the minimum length of time that the device will receive security updates at the point of sale, either in store on online

Compulsory standards

The new security standards were developed by the Department for Culture, Media and Sport (DCMS), in collaboration with the National Cyber Security Centre (NCSC).

“Our new law will hold firms manufacturing and selling internet-connected devices to account and stop hackers threatening people’s privacy and safety,” said Matt Warman, minister for digital and broadband at DCMS.

“It will mean robust security standards are built in from the design stage and not bolter on as an afterthought,” he continued.

Until now, the UK has encouraged companies operating in the IoT space to adhere to a set of voluntary security practices. It has reached the conclusion that compulsory measures are necessary to ensure users are protected.

Via ZDNet

Joel Khalili
Joel Khalili
News and Features Editor

Joel Khalili is the News and Features Editor at TechRadar Pro, covering cybersecurity, data privacy, cloud, AI, blockchain, internet infrastructure, 5G, data storage and computing. He's responsible for curating our news content, as well as commissioning and producing features on the technologies that are transforming the way the world does business.

Latest in Security
A man holds a smartphone iPhone screen showing various social media apps including YouTube, TikTok, Facebook, Threads, Instagram and X
A worrying Apple Password App vulnerability reportedly left users exposed for months
DeepSeek
Fake DeepSeek installers are infecting your device with dangerous malware
AI tools.
Not even fairy tales are safe - researchers weaponise bedtime stories to jailbreak AI chatbots and create malware
Data leak
Top California sperm bank suffers embarrassing leak
An Android phone being held in the hand
These malicious Android apps were installed over 60 million times - here's how to stay safe
ransomware avast
Billions of credentials were stolen from businesses around the world in 2024
Latest in News
Stability AI 3D Video
Stability AI’s new virtual camera turns any image into a cool 3D video and I’m blown away by how good it is
The Google Wallet app with a mode for kids shown on-screen.
Google Wallet’s new kid-friendly payment system is a win for parents
A man holds a smartphone iPhone screen showing various social media apps including YouTube, TikTok, Facebook, Threads, Instagram and X
A worrying Apple Password App vulnerability reportedly left users exposed for months
Vertere DG-X turntable on a pink/white TechRadar background
Vertere's elite DG X turntable is modular, expensive, and hugely desirable
Google Pixel 9a
Google is delaying the Pixel 9a to fix a mystery “component quality issue”
The bottom left corner of an Android phone, showing the Phone, Messages, Google icons and Google Search bar
Google Messages remote delete will soon save you from texting embarrassment – and here's how it works
More about security
A man holds a smartphone iPhone screen showing various social media apps including YouTube, TikTok, Facebook, Threads, Instagram and X

A worrying Apple Password App vulnerability reportedly left users exposed for months
DeepSeek

Fake DeepSeek installers are infecting your device with dangerous malware
Vertere DG-X turntable on a pink/white TechRadar background

Vertere's elite DG X turntable is modular, expensive, and hugely desirable
See more latest
Most Popular
Vertere DG-X turntable on a pink/white TechRadar background
Vertere's elite DG X turntable is modular, expensive, and hugely desirable
Mark and Devon sitting in a car in Severance season 2 episode 9
What time is Severance season 2 episode 10 going to be released on Apple TV+?
Oracle
Oracle is giving your business the chance to create its own AI agents
The Google Wallet app with a mode for kids shown on-screen.
Google Wallet’s new kid-friendly payment system is a win for parents
Comino Grando Server
Puget Systems partners with Comino to bring more affordable liquid cooled dual-CPU, 8-GPU systems to the masses
Stability AI 3D Video
Stability AI’s new virtual camera turns any image into a cool 3D video and I’m blown away by how good it is
Elecom 9,000mAh sodium-ion battery
This is the world's first sodium-ion mobile battery, a game changer in environmental sustainability, but it's not cheap
The bottom left corner of an Android phone, showing the Phone, Messages, Google icons and Google Search bar
Google Messages remote delete will soon save you from texting embarrassment – and here's how it works
Data center server room lit with green lights
Microsoft is MIA as Amazon, Meta, Google and others join consortium to triple nuclear energy output by 2050
Thrustmaster Sol-R flight stick
Thrustmaster announces the Sol-R 1 and Sol-R 2 HOSAS flight sticks designed for space sims like Elite Dangerous