The UK is now banning universal default passwords for IoTs or the Internet of Things devices under its new law. What's more, hefty penalties are awaiting firms who will disobey and fail to comply.

UK Bans Universal Default Passwords for IoTs, Fines Await Those Who Will Not Comply
(Photo : by Leon Neal/Getty Images)
LONDON, ENGLAND - AUGUST 09: In this photo illustration, A woman is silhouetted against a projection of a password log-in dialog box on August 09, 2017 in London, England. With so many areas of modern life requiring identity verification, online security remains a constant concern, especially following the recent spate of global hacks.

UK Bans Universal Default Passwords for IoTs

The United Kingdom Parliament passed the new law, which expressed distaste for default passwords, to prevent them from being reset after restoring the device to factory settings, as per the report by Gizmodo.

Instead, the bill that goes by the name The Product Security and Telecommunications Infrastructure Bill or PSTI is now requiring tech firms to use unique passwords for IoT home devices.

The UK Minister for Media, Data, and Digital Infrastructure, Julia Lopez, said in a statement that that cyberattacks or hackers are attempting to "break into people's smart devices" on an alarming daily basis.

Lopez further noted that consumers have a false sense of security when it comes to the products that are being sold in the market. Instead, these devices are actually "putting many of us at risk of fraud and theft."

Meanwhile, according to the news story by BBC, a recent study from the consumer watchdog called "Which?" showed that smart home devices are exposed to thousands of cyberattacks, which compromises the security of homeowners.

To be precise, there are potentially about 12,000 attacks on IoT devices every single week, the recent research claims.

That said, a security expert told BBC that banning default passwords is the "first step" to further avoid these kinds of attacks.

In addition to that, another report by cybersecurity firm Symantec last 2020 also showed that the universal passwords of IoTs are exposing home devices to cyberattacks.

The study went on to reveal that 55% of the IoT attacks used the default password of "123456." On the other hand, 3% of the hacking incidents were infiltrated by another universally used password, "admin."

Default Passwords and Fines

All that said, the PSTI bill of the UK seeks to increase the security of smart home devices by punishing tech firms that would use universal default passwords.

The steep fine that the British nation is imposing is no joke.

In fact, companies found disobeying the new security standards in the region will have to pay a whopping $11.2 million or 10 million in Euros.

Not to mention that the penalty could be more expensive as there is also an option to base it on the global revenues of the tech firm of up to four percent.

Read Also: UK Watchdog Questions Apple and Google About How They Access the Age Range of its Users

UK Law Requires More Security Updates Transparency

On top of that, the new law also requires tech firms to be more transparent regarding both the security patches and updates of their smart home products.

It is to note that the bill further claimed that only 20% of IoT firms are practicing transparency for their security updates. As such, the new law is about to change those figures.

Related Article: North Korea-Backed Hackers Allegedly Modify Malware to Breach US, UK, and Other Countries

This article is owned by Tech Times

Written by Teejay Boris

ⓒ 2021 TECHTIMES.com All rights reserved. Do not reproduce without permission.