Towards global trust and safe IoT: Euroconsumers backs call for basic worldwide IoT security standards
Euroconsumers is backing a new call from consumer groups, industry and hackers calling for worldwide commitment to standards on IoT security. A unique coalition of Consumers International, World Economic Forum, the Tech Accord grassroots tech network I Am the Cavalry, has come together to launch this call for the urgent adoption of a new baseline standard for IoT. Consumers International has been working with the Tech Accord since 2020 to push for global action on consumer IoT security.
The Tech Accord estimates that there were 2.9 billion attacks on IoT carried out in 2019. Consumer devices including security camera systems, smart hubs, printers, smart TVs were the most popular targets.
Build IoT security to increase consumer trust
News headlines about insecure IoT risk eroding consumer trust. Global commitments like this one are needed so people know their devices will be kept secure and their data protected. With this reassurance, consumers will be able to take advantage of the potential opportunities that connected devices offer.
Euroconsumers works closely with Consumers International on global, systemic issues like cybersecurity that impact on consumers wherever they are in the world. Our work on the 'Hackable Home' has clearly shown that consumers need urgent protection from the billions of cyberattacks carried out on IoT devices each year.
The rise of the Hackable Home
Euroconsumers are well aware of the extent of insecure consumer IoT that is readily available for sale. Last year, we ran a major testing project on the security and confidentiality of 16 common home smart devices including doorbells, locks, baby monitors, robo-vacuum cleaners, WiFi routers and alarm systems.
Ten of the 16 tested devices were affected by a ‘high severity’ or ‘critical’ vulnerability and were found in both well known and unknown brands.
Our expert testers found multiple vulnerabilities which could leave the device and its owner open to the theft and abuse of personal data. They were able to gain access to sensitive information in banking apps and found ways to link up multiple connected devices to carry out large scale, distributed attacks.
Five baseline requirements for consumer IoT security
The joint statement from Consumers International, WEF and the Tech Accord calls on manufacturers and vendors of consumer IoT devices to meet five critical requirements which will strengthen the currently vulnerable network. The signatories encourage governments to promote these provisions and to further harmonize standards around the needs of consumers.
The good news is that many governments and industry sectors are developing standardisation products and guidance which reflects these core elements. The statement issued today wants to push forward on this momentum and ensure that there is consistency across different markets and products.
Euroconsumers welcomes this as an important first step to secure, safe IoT all over the world:
“The wider the reach of Consumer IoT security standards, the closer we are to a future where every consumer can rely on basic security features in every connected device they use, no matter where they live in the world.
We welcome this important step to building trust. If we want the IoT ecosystem to flourish and grow it has to be safe and secure”
Els Bruggeman, Head of Policy and Enforcement, Euroconsumers
Euroconsumers will also continue its work to create safe connected homes and secure consumer IoT in Spain, Italy, Portugal and Belgium. Along with BEUC, we will campaign at the European level and in our key markets for more trustworthy and safe devices in consumer’s hands and homes.
Practical tips from our members Deco Proteste, Altroconsumo, OCU and Test-Achats/Test-Aankoop on how smart device users can better protect themselves now can be found here.