We live surrounded by permanently connected devices and if before the concern about security was limited mainly to the PC and to a greater or lesser extent to the smart mobile, now the appearance of the connected home and the arrival of televisions, refrigerators, air conditioners and In general, everything related to the IoT (Internet of Things) scenario has made the user's concern extend to more devices.
When buying a product, provided that it has a network connection, the buyer can think about the security it offers against threats, in the support that the manufacturer will offer over time, in the after-sales service in case of problems, among other questions we can ask ourselves.
The user is in a clear position of disadvantage and in the United Kingdom they want to tackle the problems related to security in IoT devices by improving the current legislation and they already have three points on which to create the new regulations.
For this they think of modifying the current legislation with the arrival of a new law that seeks greater protection of the user through the improvement of security standards. All connected household products (refrigerators, smart TVs, thermostats ...) must meet three requirements.
All the passwords of the IoT devices must be unique, that each user can create one and that is impossible to reset when returning to the universal factory settings.
Manufacturers must provide a form of contact so that any affected person can communicate in case of detecting any problem with the security of the device.
Manufacturers should make clear the time during which their devices will receive security updates.
If you look closely, these are very logical and not unusual requirements that can improve the security of all our IoT devices.
This is a series of measures that have been the result of a period of consultation by the "Department for Culture, Media and Sport" (DCMS) and the "National Cyber Security Center" (NCSC) of the United Kingdom.
The United Kingdom authorities are planning to have around 75 billion devices connected to the network by the end of 2025.
British lawmakers say they work to implement the law as soon as possible, but first expect manufacturers to voluntarily adopt these measures before they are enforced.
These security measures must be embodied in a more effective protection framework for the consumer to avoid possible attacks such as that of Silex malware in the summer of 2019, which caused the deletion of the firmware of the home devices such as surveillance cameras, electric locks , light bulbs, etc.
