Regulations enforcing consumer protections against hacking and cyber-attacks take effect from today, mandating that internet-connected smart devices meet minimum-security standards by law.
Manufacturers of products such as phones, TVs and smart doorbells are now required to implement minimum security standards against cyber threats
Consumers will benefit from banning of easily guessable default passwords, marking a significant leap in protecting individuals, society and the economy from cyber criminals
And consumer protections against hacking and cyber-attacks also come into force today, as all internet connected smart devices will be required by law to meet minimum-security standards.
Manufacturers will be legally required to protect consumers from hackers and cyber criminals from accessing devices with internet or network connectivity – from smartphones to games consoles and connected fridges – as the UK becomes the first country in the world to introduce these laws.
Under the new regime, manufacturers will be banned from having weak, easily guessable default passwords like ‘admin’ or ‘12345’ and if there is a common password the user will be promoted to change it on start-up.
This will help prevent threats like the damaging Mirai attack in 2016 which saw 300,000 smart products compromised due to weak security features and used to attack major internet platforms and services, leaving much of the US East Coast without internet. Since then, similar attacks have occurred on UK banks including Lloyds and RBS leading to disruption to customers.
The move marks a significant step towards boosting the UK’s resilience towards cyber-crime, as recent figures show 99% of UK adults own at least one smart device and UK households own an average of nine connected devices. The new regime will also help give customers confidence in buying and using products, which will in turn help grow businesses and the economy.
An investigation conducted by Which? showed that a home filled with smart devices could be exposed to more than 12,000 hacking attacks from across the world in a single week, with a total of 2,684 attempts to guess weak default passwords on just five devices.
The laws are coming into force as part of the Product Security and Telecommunications Infrastructure (PSTI) regime, which has been designed to improve the UK’s resilience from cyber-attacks and ensure malign interference does not impact the wider UK and global economy.
The new measures will also introduce a series of improved security protections to tackle the threat of cyber-crime:
- Common or easily guessable passwords like ‘admin’ or ‘12345’ will be banned to prevent vulnerabilities and hacking
- Manufacturers will have to publish contact details so bugs and issues can be reported and dealt with
- Manufacturers and retailers will have to be open with consumers on the minimum time they can expect to receive important security updates
Which? director of policy and advocacy Rocio Concha says: “Which? has been instrumental in pushing for these new laws which will give consumers using smart products vital protections against cyber criminals looking to launch hacking attacks and steal their personal information.
“The OPSS must provide industry with clear guidance and be prepared to take strong enforcement action against manufacturers if they flout the law, but we also expect smart device brands to do right by their customers from day one and ensure shoppers can easily find information on how long their devices will be supported and make informed purchases.”
Deputy Prime Minister Oliver Dowden is to launch a consultation on measures to protect UK universities from national security threats posed by foreign states.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Almost 100,000 workplace training places have been delivered in the past year for jobseekers, smashing the Government’s 80,000 annual target, new data has revealed.
Part of the Government’s plan to help people back to work and grow the economy, Sector-based Work Academy Programmes (SWAPs) help benefit claimants move off welfare and into work by providing tailored training and work experience before a guaranteed job interview. Businesses who are actively hiring help craft these six-weeks on-the-job programmes, so that participants gain the right experience and skills for their roles.
The latest figures published this week show that in the last year 98,710 places were delivered – the highest annual figure yet. It brings the total number of SWAP starts to 283,930 – in sectors ranging from coding to hospitality, construction, health and social care.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
DAESH
The RAF are continuing to take the fight to Daesh in Iraq and Syria.
On the evening of Sunday April 21st, a pair of Royal Air Force Typhoon FGR4s, flying as part of the long-standing global coalition, conducted a routine patrol over Syria and Iraq as part of Operation Shader.
Rockets were observed being launched in northwest Iraq against coalition forces. Acting rapidly in defence against this attack, our aircraft successfully employed a single Paveway IV, precision guided bomb to destroy the rocket launcher system.
Access further information on the British forces air strikes in Iraq and Syria: monthly list.
HUMAN RIGHTS
RFA Cardigan Bay will support the US military as it builds a new temporary pier to deliver aid directly into Gaza.
Royal Navy support ship RFA Cardigan Bay is sailing from Cyprus to provide support to an international effort to build a temporary pier to allow delivery of humanitarian aid directly from the sea.
US ships and personnel have already begun construction of the temporary floating pier as part of ongoing work to significantly expand the delivery of lifesaving aid into Gaza.
The Royal Fleet Auxiliary landing ship will provide accommodation for hundreds of US sailors and soldiers working to establish the pier. The pier will initially facilitate the delivery of 90 truckloads of international aid into Gaza and scale to up to 150 truckloads once fully operational, according to US estimates.
The multinational maritime corridor initiative will see tens of thousands of tonnes of aid pre-screened in Cyprus and delivered directly to Gaza via the temporary pier being constructed off the coast or via Ashdod Port, which Israel has said it will open.
The Foreign Commonwealth and Development Office (FCDO) have summoned the Russian Ambassador Andrey Kelin following allegations of Russian orchestrated malign activity on UK soil.
Statement by UK Political Coordinator Fergus Eckersley at the UN Security Council meeting on threats to international peace and security.
The UK and UNICEF have launched a programme to improve health and nutrition of vulnerable pregnant women and young children in Somalia.
SLAVERY UK
The modern slavery statement registry has been updated to encourage UK companies to help the government’s efforts to tackle this barbaric crime.
The changes will encourage businesses to upload their annual modern slavery statements in a timely way and support them to publish robust statements.
Modern slavery statements help reduce the risk of forced labour being used in UK supply chains by increasing transparency and allowing consumers to make informed choices.
The nature of modern slavery and complexity of global supply chains means it is highly unlikely that any sector or business is immune from the risks. We do not want any business to claim they are ‘slavery free’.
If a statement shows there is a risk of modern slavery in a company’s supply chains, the statement allows them to demonstrate the steps they are taking to address it year on year.
The following updates to the registry are now live:
- one-off email notification to registered companies who have not uploaded a statement since the registry was launched in 2021
- email reminders to registered companies every year to prompt them to submit their latest annual statement
- if companies have not yet uploaded their annual statement, they will first receive a reminder one month before the deadline
- a further reminder will be sent 2 weeks before the deadline and a final reminder one week prior to the deadline
- changes to the statement summary pages and search pages to clearly show how many of the recommended sections a company has completed on the registry – this will allow customers to make more informed decisions and see how companies are working to eliminate modern slavery in their supply chains
As part of the Modern Slavery Act 2015, some companies are legally required to publish statements if all of the following criteria apply:
- it is a ‘body corporate’ or a partnership, wherever incorporated or formed
- it carries on a business, or part of a business, in the UK
- it supplies goods or services
- it has an annual turnover of £36 million or more
Modern slavery statements can also bring a number of business benefits including:
- protecting and enhancing an organisation’s reputation and brand
- protecting and growing the organisation’s customer base as more consumers seek out businesses with higher ethical standards
- improved investor confidence
- greater staff retention and loyalty based on values and respect
- developing more responsive, stable and innovative supply chains
See our guidance on publishing an annual modern slavery statement to help you identify if your organisation needs to publish a modern slavery statement and how to upload to the registry.
Editor’s note: The above are thumbnail (or larger) details of various Government communiques / press releases which you may / may not have read about. Not all involve politicians. But not all the headings on them say what the item is REALLY about so, in a few cases, NFCP have put an alternative headline (or alternative opening paragraph) on them…
All can be found in full at News and communications – GOV.UK https://www.gov.uk/search/news-and-communications
NEWS FROM CRYSTAL PALACE 