Senators Want to Secure the Internet with a New Bill
The U.S. Senate has decided to take the lead in Internet security. A bipartisan group of senators have introduced legislation aimed at securing internet-connected smart devices, which were at the center of a massive cyberattack that brought down large swathes of the internet last year.
The “Internet of Things Cybersecurity Improvement Act,” introduced by Sens. Mark Warner (D-VA) and Cory Gardner (R-CO), will require tech companies that supply devices to the federal government to adhere to a level of industry-wide security practices if they want to sell connected devices to the government. The devices, such as wearables, cameras and smart sensors, would be required to be patched with security fixes. The bill will also prohibit devices from including hard-coded and unchangeable usernames and passwords, such as the ubiquitous “admin,” long seen as one of the primary ways malware can break in and hijack devices.
Hundreds of thousands of insecure webcams, digital records and other everyday devices were hijacked in a major attack last October that took down large portions of the Internet.
“We’re trying to take the lightest touch possible,” Warner told Reuters in an interview. He added that the legislation was intended to remedy an “obvious market failure” that has left device manufacturers with little incentive to build with security in mind.
With as many as 20.4 billion IoT devices expected to be connected to the internet by the end of the decade, the legislation aims to future-proof the industry from mistakes it’s largely brought on by itself.
Tyler Shields, the vice president of strategy at security company Signal Sciences, points out that being able to patch a device isn’t exactly advanced security and that the proposed bill is only meeting the “bare minimum standard” for IoT security.
“Will this make IoT secure as a final point? Absolutely not, in no way,” Shields said. “What it will do, is set a bare minimum for the government. Hopefully it sets a standard for the commercial sectors too.”