blank
Connect with us

UK Government

New cyber security laws to protect smart devices amid pandemic sales surge

Published

on

unrecognizable women messaging on smartphones after shopping in city

Makers of smart devices including phones, speakers, and doorbells will need to tell customers upfront how long a product will be guaranteed to receive vital security updates under plans to protect people from cyber attacks.

New figures commissioned by the government show almost half (49%) of UK residents have purchased at least one smart device since the start of the coronavirus pandemic. These everyday products – such as smart watches, TVs and cameras – offer a huge range of benefits, yet many remain vulnerable to cyber attacks.

Just one vulnerable device can put a user’s network at risk. In 2017, attackers infamously succeeded in stealing data from a North American casino via an internet-connected fish tank. In extreme cases hostile groups have taken advantage of poor security features to access people’s webcams.

To counter this threat, the government is planning a new law to make sure virtually all smart devices meet new requirements:

  • Customers must be informed at the point of sale the duration of time for which a smart device will receive security software updates
  • A ban on manufacturers using universal default passwords, such as ‘password’ or ‘admin’, that are often preset in a device’s factory settings and are easily guessable
  • Manufacturers will be required to provide a public point of contact to make it simpler for anyone to report a vulnerability.

Smartphones are the latest product to be put in scope of the planned Secure By Design legislation, following a call for views on smart device cyber security the government has responded to today.

It comes after research from consumer group Which? found a third of people kept their last phone for four years, while some brands only offer security updates for a little over two years.

The government continues to urge people to follow NCSC guidance and change default passwords as well as regularly update apps and software to help protect their devices from cyber criminals.

Advertisement

UK Digital Infrastructure Minister Matt Warman said: “Our phones and smart devices can be a gold mine for hackers looking to steal data, yet a great number still run older software with holes in their security systems.

“We are changing the law to ensure shoppers know how long products are supported with vital security updates before they buy and are making devices harder to break into by banning easily guessable default passwords.

“The reforms, backed by tech associations around the world, will torpedo the efforts of online criminals and boost our mission to build back safer from the pandemic.”

Security updates are a crucial tool for protecting people against cyber criminals trying to hack devices.

Yet research from University College London found none of the 270 smart products it assessed displayed information setting out the length of time the device would receive security updates at the point of sale or in the accompanying product paperwork.

Advertisement

By forcing tech firms to be upfront about when devices will no longer be supported, the law will help prevent users from unwittingly leaving themselves open to cyber threats by using an older device whose security could be outdated.

Just one in five global manufacturers have a mechanism in place to allow security researchers – firms and individuals who find security flaws in devices – to report vulnerabilities.

These moves have been supported by important tech associations across the globe including the Internet of Secure Things (IoXT), whose members include some of the world’s biggest tech companies including Google, Amazon and Facebook.

Brad Ree, CTO of the Internet of Secure Things (IoXT) Alliance, said: “We applaud the UK government for taking this critical step to demand more from IoT device manufacturers and to better protect the consumers and businesses that use them.

“Requiring unique passwords, operating a vulnerability disclosure program, and informing consumers on the length of time products will be supported is a minimum that any manufacturer should provide. These are all included in the IoXt compliance programme and have been well received by manufacturers around the world.”

Advertisement

The new law builds upon world-leading work the government has already done to boost the security of smart devices, including publishing a code of practice for device manufacturers to boost the security of their products in 2018.

Last month the Digital Secretary Oliver Dowden set out his ten tech priorities which included keeping the UK safe and secure online and the government published its groundbreaking Integrated Review of defence and security.

The government also played a vital role in developing the first major international standard for consumer device cyber security to help manufacturers protect consumers around the world from falling victim to cyber attacks.

This standard has been supported by the Cybersecurity Tech Accord (CTA), an industry association whose members include Arm, Microsoft and Dell, and has also been promoted in Australia, Singapore, Finland and India – demonstrating Britain’s global influence as a cyber power.

Three new voluntary assurance schemes have been launched recently to give shoppers confidence a smart product has been made cyber secure, thanks to a £400,000 government grant.

Advertisement
  • The Stockport-based Internet of Toys Assurance Scheme will allow parents to know from the outset whether a smart toy they are buying their children has been tested and meets the minimum security requirements
  • The Smart TV Cybersecurity Certification programme will provide third-party testing and give confidence to buyers of smart TV products by allowing approved devices to display a certification logo
  • The IASME IoT Security Assured initiative will be open to start-ups and smaller companies to carry out verified cyber security self-assessment of their products to ensure they meet high standards.

National Cyber Security Centre Technical Director Dr Ian Levy said: “Consumers are increasingly reliant on connected products at work and at home. The Covid-19 pandemic has only accelerated this trend and while manufacturers of these devices are improving security practices gradually, it is not yet good enough.

“DCMS’ publication builds on the 2018 Code of Practice and ETSI EN 303 645 to clearly outline the expectations on industry. To protect consumers and build trust across the sector, it is vital that manufacturers take responsibility and pay attention to these proposals now.

“It is also important to support uptake of good practice and provide industry with opportunities to innovate. I’m pleased to see the pilots, funded by DCMS, begin to test ways in which customers will be able to gain confidence in the security of these devices.”

Annalaura Gallo, Head of the Cybersecurity Tech Accord secretariat, said: “Trust in technology is a key issue of our time and security is a fundamental building block to achieve this.

“We welcome the leading role played by the UK Government in promoting a national and international focus on this issue in a way which is designed to drive up security without imposing onerous burdens on people creating new technology for consumers.”

John Moor, Managing Director of the Internet of Things Security Foundation, said: “We welcome this announcement as a necessary and considered development to make consumers safer. As an expert body, we welcome the clarity it brings for our manufacturing members both now and moving forwards.

Advertisement

“The Internet of Things is constantly evolving and security requirements must continue to keep pace. As such, the importance of vulnerability management and updating security software cannot be understated. In the words of one of our members: ‘remember, if it ain’t secure, it ain’t smart’.”

Rocio Concha, Director of Policy and Advocacy at Which?, said: “New laws to tackle this issue are a crucial step as there are a vast array of connected devices with security flaws, many of which are currently on the market, that put consumers at risk from cyber criminals.

“We share the government’s ambition to make the UK one of the safest places in the world for consumers to use smart technology and this must be backed up by strong enforcement, ensuring people can get effective redress when they purchase devices that fail to meet security standards and leave them exposed to data breaches and scams.”

The government says it intends to introduce legislation as soon as parliamentary time allows.

(Lead image: Tim Douglas / Pexels.com)

Advertisement

Advertisement
Advertisement
Click to comment

Leave a Reply

Business

Welsh and UK Governments agree to establish Freeports in Wales

Published

on

By

The Welsh Government has reached agreement with the UK Government on the establishment of Freeports in Wales.

Welsh Ministers have agreed to support Freeport policies in Wales following the UK Government’s agreement to meet the Welsh Government’s demands that UK Ministers provide at least £26m of non-repayable starter funding for any Freeport established in Wales, which represents a parity with the deals offered to English Freeports.

Advertisement

The UK Government have agreed to meet a number of other demands – including that both Governments will act on the basis of a ‘partnership of equals’ to deliver any Freeports in Wales.

In addition, both Governments have agreed a Freeport will only be implemented if it can be demonstrated clearly it will operate in a manner that aligns with the Welsh Government’s policies on fair work and environmental sustainability, including the commitment to Wales becoming a net-zero carbon nation.

Economy Minister, Vaughan Gething said: “Following considerable engagement between our Governments, I’m pleased we have been able to reach agreement with UK Ministers to establish Freeports in Wales. The agreement we have reached is fair to Wales, and respects the Welsh Government’s responsibilities in devolved policy areas.

“However, we have made it clear to the UK Government that a Freeport will only be implemented if it can be demonstrated, using robust evidence and analysis, that it will support our fair work agenda and deliver long-term, sustainable benefits for Wales, and value for money for Welsh taxpayers.

“I very much hope that the UK Government’s willingness to work with the Welsh Government as equals on Freeports can provide a positive model for future co-operation between our governments on other initiatives.”

Advertisement

The UK Government’s Secretary of State for Levelling Up, Housing and Communities, Michael Gove said: “I am delighted that Wales is the latest area in the UK set to benefit from a new Freeport.

“The UK Government’s ambitious Freeports agenda will help to level up our coastal communities and create new opportunities for people right across the country.

“Together with the Welsh Government, I look forward to seeing innovative proposals come forward that demonstrate tangible benefits for the people of Wales.”

In addition, Welsh and UK Ministers have agreed that the UK Government will provide tax incentives for Freeports in Wales in parity with Freeports in other parts of the United Kingdom for the reserved taxes that have been designated to advance the policy aims. The Welsh Government will design tax reliefs from local and devolved taxes (Non-Domestic Rates and Land Transaction Tax) to support the policy aims.

Both Governments say they will remain open to the possibility of a multi-site Freeport in Wales. In recognition of Wales’ unique economic geography and the Welsh Government’s aspirations for economic development in Wales, the UK Government is willing to relax the 45 km boundary limit for a multi-site Freeport solution, should there be a sufficiently compelling case for doing so.

Advertisement

Both Governments will also remain open to the possibility of allowing more than one Freeport in Wales, should they be presented with a sufficiently compelling business case.

As with English Freeports, a fair and open competitive process will be used to determine where the policy should be implemented in Wales. Both Governments will work together to co-design the process for Freeport site selection, and both will have an equal say in all decisions throughout the implementation process. This includes the final decision on site selection.

Both Governments have begun the process of designing the bid prospectus for the competition and further details about the timing of next steps will be released in due course.

Continue Reading

Farming

Farming union hits out over Welsh and UK Government’s lack of engagement on Ukraine supply chain crisis

Published

on

By

The Farmers’ Union of Wales has, for a second time, written to the Welsh Government urging them to instigate actions within their control to alleviate some of the pressures of the Ukraine war on Welsh farmers and consumers.

In response to the initial letter sent to the Welsh Government on 4th March 2022, in which the Union requested a roundtable meeting with them and other stakeholders to discuss such issues and possible actions, the Minister for Rural Affairs and North Wales, and Trefnydd stated that the Welsh Government did not believe such a meeting was appropriate.

Advertisement

FUW President, Glyn Roberts
(Image: FUW)

In his letter of reply, FUW President Glyn Roberts said: “We are acutely concerned at the failure of both the Welsh and UK Governments to engage with the supply chain early on in order to explore immediate actions that will help mitigate problems that are having an impact now, and will continue to do so for the remainder of the year and at least into 2023.

“Such impacts are affecting and will continue to affect not only farmers, but also consumers, and this is therefore an issue not only for the food and farming industry but also for the Welsh and UK population as a whole.”

Mr Roberts also highlighted the need for the UK Agriculture Market Monitoring Group on which the Welsh Government sits to take a more proactive approach and share information in a more timely manner, stating:

“It is worth noting that the last set of minutes published on the UK Government website relates to a meeting held on 8th February 2022, many weeks before Russia’s attack on Ukraine.”

“I know you will be aware of the impacts being reported across the supply chain, whether in terms of cooking oil, fuel, feed or fertiliser, and predicted shortages, for example of eggs, and we fully appreciate that with regard to many of these there is little if anything that the Welsh Government can do,” wrote Mr Roberts.

Advertisement

“However, there certainly are actions that can be instigated by the Welsh Government to alleviate some pressures for Welsh farmers which will benefit consumers over the coming months and years, and while these may be limited we believe it is incumbent upon the Welsh Government to act now in order to do what it can to assist farmers, food producers and consumers,” he added.

(Lead image: FUW)

Continue Reading

Fishguard

Grassroots sports in Wales get £1.3m investment in UK Government Levelling Up announcement

Published

on

By

Beneficiaries of an initial £1.3 million investment in grassroots football facilities across Wales this year are announced by the UK Government.

In the Swansea Bay Region, Mumbles, Pontarddulais and Fishguard football clubs see over £140,000 in investment.

Advertisement

Seventeen projects across Wales will receive funding to create and improve pitches, changing rooms and pavilions, so that more local communities can access high-quality facilities.

Projects have been chosen for their ability to deliver improved facilities in deprived areas, support multi-sport use and increase participation among currently under-represented groups, including women, girls and disabled players.

Mumbles Rangers AFC

Mumbles Rangers AFC who play at Underhill Park (pictured above) will receive £19,332 for essential grass pitch maintenance machinery. The club say this is so the pitch can effectively service the rugby and football teams across all age groups who use it.

The pitch has been upgraded over the last two years and supports two-day male and female football festivals with teams competing from across South Wales

The club will also invest £2,148 of its own funds towards the scheme.

Advertisement

Pontarddulais Town FC

Pontarddulais Town FC who play at Coed Bach Park will get £98,842 to renovate an old changing room block that is no longer fit for purpose, bringing it back into use. The club say the funding will provide female toilet facilities and allow other community groups to benefit from the increased capacity.

The club will also invest £8,000 of its own funds into the scheme, in addition to £2,000 from Funds for Wales, £1,000 from Mynydd y Gwair wind farm and £3,477 from a voluntary works labour contribution.,

Fishguard Sports AFC

Further West, Fishguard Sports AFC who play at Tregroes Park will receive £26,072 to improve the drainage of the second pitch and purchase portable floodlights, so that it can be used into the evenings. The club say the poor drainage has prevented the club from expanding its offer, especially for ladies football, cricket and the U16’s disabled team which this project will unlock.

The club will invest £1,897 of its own funds, as well as £1,000 voluntary works labour contribution towards the scheme.

Investment in community facilities

The funding, combined with contributions from clubs and other local partners, will improve the quality of community facilities, bring people together to enjoy playing sport in their local area, regenerate communities and enhance social cohesion.

Advertisement

It forms part of a £25 million UK-wide investment in grassroots facilities during this financial year, out of a total of £230 million set to be invested to help to build or upgrade up to 8,000 quality pitches across the UK over the next four years. The funding will also support the construction or refurbishment of clubhouses, changing facilities and community buildings.

The Football Association of Wales is delivering the programme on behalf of the UK Government in Wales. Following the UK Government’s commitment, the Welsh Government has also opted to invest £1.3 million to improve grassroots facilities this year – the FAW is working with both governments to maximise the benefits of this combined investment for local communities.

UK Sports Minister Nigel Huddleston said: “We are committed to improving access to high quality sports facilities for the underprivileged and underrepresented in Wales.

“From female changing rooms at Treborth Playing Fields in Bangor to new pitches in Welshpool and Swansea, this will ensure more people can enjoy the physical and mental health benefits of sport at top class facilities in their local community.”

Secretary of State for Wales Simon Hart said: “Grassroots football clubs are at the heart of their communities, providing sporting opportunities but also bringing incalculable health and social benefits to local children and adults.

Advertisement

“They play a hugely important role and I’m thrilled that the UK Government is making this investment in facilities the length and breadth of Wales which will help the clubs and groups receiving this funding to continue their fantastic work.”

Chief Executive Noel Mooney from the Football Association of Wales said: “The Football Association of Wales is pleased to be working closely with the UK and Welsh Governments to improve facilities across Wales and are grateful for their support.

Improving the facilities across Wales is the FAW’s number one strategic objective. This initial round of funding marks the beginning of an exciting journey, and the FAW will continue to work closely with all of its stakeholders, to create a facilities investment fund in order to deliver impactful projects across all corners of Wales as we strive to make football inclusive and accessible to all.”

Joint UK bid for Euro 2028

Today’s announcement follows a joint ‘Expression of Interest’ submitted to UEFA by the Football Associations of England, Northern Ireland, Republic of Ireland, Scotland and Wales on Wednesday (23 March).

The Governments of the UK, Ireland, Scotland and Wales have confirmed their support for the EOI submission and, given the Northern Ireland Executive is currently not meeting formally, officials there continue to observe the process closely.

Advertisement

Formal discussions on the technical specifications for the tournament are expected to take place with European football’s governing body over the coming weeks, before a final decision is made on submitting a formal bid.

On the prospects of hosting UEFA EURO 2028, Sports Minister Nigel Huddleston added: “This is welcome news from the FAs, and the Government remains committed to working closely with them and our partners in the Government of Ireland and the Devolved Administrations to bring UEFA’s flagship festival of international football to the UK and Ireland.

“Our unprecedented partnership creates the potential for the best EUROs ever, and we are passionate about bringing another world-leading sporting event here, creating a real celebration of football for people across the UK and Ireland.

“The government continues to demonstrate its commitment to sport and recreation, recently announcing that it is also investing £30 million to refurbish more than 4,500 tennis courts across the UK.”

(Lead image: Go Underhill)

Advertisement
Continue Reading
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement

Trending

Copyright © 2021 Swansea Bay News