Huge fines and a ban on default passwords in new UK law – BBC News

By Jane Wakefield
Technology reporter
The government has introduced new legislation to protect smart devices in people’s homes from being hacked.
Recent research from consumer watchdog Which? suggested homes filled with smart devices could be exposed to more than 12,000 attacks in a single week.
Default passwords for internet-connected devices will be banned, and firms which do not comply will face huge fines.
One expert said that it was an important “first step”.
Cyber-criminals are increasingly targeting products from phones and smart TVs, to home speakers and internet-connected dishwashers. Hackers who can access one vulnerable device can then go on to access entire home networks and steal personal data.
In 2017, for example, hackers stole data from a US casino via an internet-connected fish tank. There have also been reports of people accessing home webcams and speaking to family members.
And poor security on a home wi-fi router could have been behind the uploading of illegal child abuse images from a home network that led to police accusing an innocent couple of the crime.
While there are strict rules about protecting people from physical harm – such as overheating, sharp components or electric shocks – there are no such rules for cyber-breaches.
The Product Security and Telecommunications Infrastructure Bill lays out three new rules:
The new regime will be overseen by a regulator, which will be appointed once the bill comes into force. It will have the power to fine companies up to £10m or 4% of their global turnover, as well as up to £20,000 a day for ongoing contraventions.
The rules apply not just to the makers of digital products, but also to businesses which sell cheap tech imports in the UK.
Included within its scope are a range of devices, from smartphones, routers, security cameras, games consoles, home speakers and internet-enabled white goods and toys.
But it does not include vehicles, smart meters and medical devices. Desktop and laptop computers are also not in its remit.
Julia Lopez, minister for media, data and digital infrastructure, said: “Every day hackers attempt to break into people’s smart devices. Most of us assume if a product is for sale, it’s safe and secure. Yet many are not, putting too many of us at risk of fraud and theft.
“Our bill will put a firewall around everyday tech from phones and thermostats to dishwashers, baby monitors and doorbells, and see huge fines for those who fall foul of tough new security standards.”
Ken Munro, from security firm Pen Test Partners, has highlighted many vulnerabilities in internet-connected devices. He told the BBC that the legislation was “a big step in the right direction”.
“However. it’s important that government acknowledges that this is just the first step. These laws will need continual improvement to address more complex security issues in smart devices,” he said.
And Which? said it was crucial that the rules applied to online marketplaces where it had “frequently found security-risk products being sold at scale”.
A separate piece of legislation which got Royal Assent last week – the Telecommunications (Security) Act – will give Ofcom new powers to monitor the security of telecoms networks. Fines of up to 10% of turnover or £100,000 a day can be issued for those that fail to meet standards.
The government described it as “a significant step” to protect the UK from hostile activity from both state actors or criminals.
Over the past two years the government has attributed a range of cyber-attacks to Russia, China, North Korea and Iran.
Six million Sky routers had serious security flaw
Why is Huawei still in the UK?
Kentucky fears more than 100 dead from tornadoes
100-year-old church destroyed in seconds. Video
UK PM warns of Omicron tidal wave
Black Axe: The ultra-violent cult that became a global mafia
Why holograms may soon replace video calls
France resists US challenge to its values
Omicron: India aims to avoid ‘pandemic roulette’
Why these students slept out in tents for weeks. Video
‘I woke up 50 metres from the truck’
Meth and heroin fuel Afghanistan drugs boom
‘My hand was saved by stitching it to my chest’ Video
Technology helping keep women safe on the streets
The twelve best films of Christmas…
Which one will be given the tinsel crown?
A beginner’s guide to identifying birdsong
How many can you recognise by sound alone?
© 2021 BBC. The BBC is not responsible for the content of external sites. Read about our approach to external linking.


Leave a Comment