The Australian government recently released a draft Code of Practice, Voluntary Code of Practice: Securing the Internet of Things for Consumers, which will be open for comment until March 1, 2020. The Code of Practice, which covers all IoT devices available in Australia, is designed to address the following:
Default and Weak Passwords
Secure Software Updates
Secure Credential Storage
Protection of Personal Data
Exposed Attack Surfaces
Resiliency of Systems to Outages
System Telemetry Data
Personal Data Deletion
Device Installation and Maintenance
Australia isn't the only one concerned about the robustness of IoT devices, however, as both the United States and the EU have begun taking action to strengthen IoT device security.
In February, the EU passed a similar code, Cyber Security for Consumer Internet of Things, which addresses the same thirteen topics as listed above.
And more recently in the United States, the house introduced a bill that will require training federal employees in cybersecurity and educating them on the security risks for IoT devices. According to Representative Ro Khanna, the bill will “ensure that our federal workforce is aware of these vulnerabilities when using IoT devices at work and at home. This simple bill does its part in modernizing our government into the 21st century.”
With the introduction of 5G, the number of IoT devices on the market will sky-rocket, as this network will provide the backbone for innovative devices requiring lower latency and faster speeds. According to a 2019 report by Business Intelligence, 64 billion IoT devices are predicted to reach the market by 2025. IoT devices are highly vulnerable to cyberattacks, however, including DDoS; spoofing; and malware. In the last year, almost 50% of organizations experienced a cyberattack on their IoT devices. Therefore, it is imperative that we invest in creating and regulating cybersecurity codes and regulations to protect civilians, businesses, and governments from cyber threats.
Sources: https://www.rtinsights.com/house-bill-requiring-iot-cybersecurity-training-introduced/, https://www.darkreading.com/iot/fewer-than-half-of-cybersecurity-professionals-have-a-plan-in-place-to-deal-with-iot-attacks-despite-the-fact-that-ninety-percent-worry-about-future-threats/d/d-id/1336249