News Hub

NCSC reveals consumer guidelines for IoT devices

Written by Tue 3 Mar 2020

Smart Cameras

The NCSC has released new IoT guidance on how to protect  gadgets such as smart cameras from hackers

Owners of internet-connected cameras and baby monitors are being urged to take extra security measures to protect the devices from hackers.

The National Cyber Security Centre (NCSC) has published new tips on protecting the smart gadgets from hackers, and is supported by consumer group Which?.

The guidance comes amid the rise in popularity of such cameras and concerns previously raised by Which? about security flaws in these types of devices.

The three-step advice asks users to change the default password on their camera, ensure its security software is kept up to date and disable the feature which lets users remotely access the camera from the internet if they do not use it.

The NCSC has warned that failing to protect such devices could see them accessed by hackers in extreme cases, placing a user’s privacy at risk.

Dr Ian Levy, technical director at the NCSC said: “Smart technology such as cameras and baby monitors are fantastic innovations with real benefits for people, but without the right security measures in place they can be vulnerable to cyber attackers.

“We want people to continue using these devices safely, which is why we have produced new guidance setting out steps for people to take such as changing passwords.

“These are practical measures which we can all take to help us get the most out of our home-based technology in a safe way.”

The Government has previously announced plans to introduce new laws which will force manufacturers to improve the security standards of internet-connected gadgets, which digital infrastructure minister Matt Warman said would “hold companies manufacturing and selling these devices to account”.

“We are working hard to make the UK the safest place to be online and want everyone to have confidence in their connected devices,” Mr Warman said.

“I urge everyone who owns a smart product to follow the NCSC guidance to make sure their device is secure.”

Under the Government’s plans, firms will be required to ensure consumer smart devices feature unique passwords not resettable to a universal factory setting.

They would also be required to provide a point of contact so anyone can report a vulnerability, and state a minimum length of time for which the device will receive security updates.

Caroline Normand, Which? director of advocacy said: “Which? has repeatedly exposed serious security flaws with devices including wireless cameras and children’s toys, so mandatory security requirements and strong enforcement that ensures manufacturers, retailers and online marketplaces are held accountable for selling unsecure products is essential.

“Until new laws are in place, it is vital that consumers research smart device purchases carefully, and follow guidance to ensure their devices are protected by strong passwords and receiving regular security updates to reduce the risk of hackers exploiting vulnerabilities.”

Written by Tue 3 Mar 2020

Send us a correction Send us a news tip