WHY THIS MATTERS IN BRIEF
Most IOT connected devices have little to no security which means they can be hacked, abused and used, so this rating hopes to solve that and raise IOT security awareness.
Many homes are already brimming with smart home gadgets, which is nice for convenience but less so for security, but how do you know which gadgets have the best cyber security and which ones should stay on the shelf? Well now there’s a solution on the horizon, and I first talked about it many years ago …
Smart home and Internet of Things (IoT) devices are known to have security issues, and the US government has now taken notice. Starting next year a wide range of US government agencies will begin a program modelled on the Energy Star standard to label products that are found to meet certain security standards.
Protect yourself and your company from hackers, by keynote Matthew Griffin
The White House announced the move following a meeting with device manufacturers like Google, Samsung, and Amazon, as well as representatives from consumer product associations. In attendance on the government’s side were FCC chairwoman Jessica Rosenworcel, National Cyber Director Chris Inglis, and White House cyber official Anne Neuberger. This follows an announcement in 2021 that the White House had directed the NIST and FCC to explore a pilot program for cybersecurity labels.
This is not simply about keeping your home network safe — IoT vulnerabilities can have security impacts on the internet as a whole such as the time when a giant Botnet attack took down most of the US West Coast and European internet a couple of years back. They can also allow online criminals to take over devices which they then use to launch massive Denial of Service (DoS) attacks on websites and services, including those run by the government.
Initially, the labels will focus on devices that are considered the most potentially dangerous, such as routers and security cameras. If either of those devices is infiltrated, an attacker could gather vast amounts of information and spy on a household or business.
The program will later expand to more IoT devices, even the simplest of which can provide an attack surface for someone to gain access to your home network. And, surely, smart speakers will be on the roadmap – these devices are supposed to key on specific wake phrases, but they could be used to listen in on anything if compromised by a serious security flaw.
The labelling program will be overseen by the National Institute of Standards and Technology (NIST) and the Federal Trade Commission (FTC), which will work to develop standards that will be used to test smart home gadgets. The labels will also be “globally recognized,” according to the release, and for people who are looking to purchase a product covered by the labelling scheme there will be a barcode you can scan to get details about the evaluation standards, data encryption and security, and protection from vulnerabilities.