The government of the United Kingdom (UK) has announced that weak passwords like “1234” and “admin” will be banned from smart devices effective April 29 (today) to improve security standards, according to an official press statement.
The new set of regulations, which the UK says is the first of its kind in the world, will legally require manufacturers to protect consumers. The law will help safeguard consumers against hackers and cyber criminals by preventing them from accessing devices with network connectivity. Smartphones, gaming consoles, and fridges are some of the examples of devices that the government seeks to protect from cyber attacks.
“Under the new regime, manufacturers will be banned from having weak, easily guessable default passwords like ‘admin’ or ‘12345’ and if there is a common password the user will be promoted to change it on start-up,” reads the statement. “This will help prevent threats like the damaging Mirai attack in 2016 which saw 300,000 smart products compromised due to weak security features and used to attack major internet platforms and services, leaving much of the US East Coast without internet.”
In October 2016, the Mirai cyber attack disrupted a large spread of the internet in America. It targeted the servers of Dyn, a tech company that manages majority of the internet’s domain name system (DNS) infrastructure, according to The Guardian. The cyber attack impacted the internet services in the US and Europe for almost a day, with popular sites, including the CNN, X (then known as Twitter), Netflix, Reddit, and the Guardian itself facing widespread blackout. Similar attacks have taken place against certain banks in the UK following the Mirai episode, causing inconvenience to consumers, according to the statement.
“The move marks a significant step towards boosting the UK’s resilience towards cyber-crime, as recent figures show 99% of UK adults own at least one smart device and UK households own an average of nine connected devices,” the statement reads. “The new regime will also help give customers confidence in buying and using products, which will in turn help grow businesses and the economy.”
Citing an investigation conducted by Which?, a UK-based publication, the government says that a home with advanced devices could be exposed to 12,000 hacking attacks from across the world within a single week, in addition to about 2,684 attempts to guess weak passwords on five devices alone.
“The UK government has collaborated with industry leaders to introduce this raft of transformative protections, which also include manufacturers having to publish information on how to report security issues to increase the speed at which they can address these problems,” the government says. “In addition, consumers and cyber security experts can play an active role in protecting themselves and society from cyber criminals by reporting any products which don’t comply to the Office for Product Safety and Standards (OPSS).”
