US to launch ‘labeling’ rating program for internet-connected devices in 2023 • TechCrunch

0

The Biden administration said it will launch a consumer cybersecurity labeling program The Internet of things Beginning in 2023 in an effort to protect Americans from “significant national security risks.”

It’s no secret that IoT devices generally have poor security postures. Weak default passwords have led to botnet operators hijacking insecure routers to strike victims with floods of internet traffic, destroying websites and entire offline networks. Other malicious hackers target IoT devices as a way to gain access to the victim’s network, allowing them to launch attacks or plant Malware from the inside.

As American consumers continue to fill their homes with more of these potentially unsafe devices, from routers and smart speakers to internet-connected door locks and security cameras, the US government wants to help educate them about security risks.

Inspired by Energy Star, a labeling program run by the Environmental Protection Agency and the Department of Energy to promote energy efficiency, the White House plans to roll out a similar IoT labeling program for “most dangerous” devices starting next year, a Biden administration official said Wednesday after a board meeting National Security with consumer product and hardware manufacturers associations.

Attendees at the meeting included White House cyber chief Anne Neuberger, Federal Communications Commission Chair Jessica Rosenworsel, National Internet Director Chris Inglis and Senator Angus King, along with leaders from Google, Amazon, Samsung, Sony and others.

The initiative, described by White House officials as an “Energy Star for cyber,” will help Americans learn whether devices meet a set of key cybersecurity standards set by the National Institute of Standards and Technology (NIST) and the Federal Trade Commission (FTC).

Although details of the program have yet to be confirmed, management said it would “keep things simple.” The administration official said the labels, which will be “universally recognized” and first appear on devices including home routers and cameras, will take the form of a “barcode” that users can scan with their smartphone instead of a static paper label.

The scanned barcode will be associated with information based on criteria, such as software update policies, data encryption, and vulnerability fixes.

The announcement comes after the White House last year ordered the National Institute of Standards and Technology (NIST) and the Federal Trade Commission (FTC) to explore two pilot programs for labeling the cybersecurity capabilities of IoT devices. as it comes after Last year, the UK government introduced the Internet of Things Security Bill to Parliamentwhich requires device manufacturers, importers, and distributors to meet certain cybersecurity standards.

Leave A Reply

Your email address will not be published.