A motion which was calling the government to do something about insecure Internet of Things (IoT) devices, was accepted by a vast majority (148 out of 150 votes) in the Dutch parliament.
SP member Maarten Hijink and D66 member Kees Verhoeven made up this motion during a debate regarding ransomware WannaCry. The rapid dispersion of the ransomware made clear that digital security needs to be more prioritised than before.
Hacked water boilers
Hijink and Verhoeven are calling the government to investigate the motion and to see which (minimum) security requirements on IoT devices have to be set up, how these requirements can be enforces, and which other measures need to be taken in order to protect the consumers against insufficiently protected devices.
“No one wants to be victim of a huge cyber attack and see their water boilers or fridges being hacked”, explaining the motion. By the end of 2016, Verhoeven already advocated for official security standards for IoT devices.
Nowadays, many devices have a internet connection but are not sufficiently protected or only use an easy and average password for its devices. As a result, these devices appear to be a weak link in the internet security of consumers which can be abused by hackers.
The European Commission is investigating the possible standards for such devices, however, no concrete results came out of thise investigations. Therefore, Verhoeven argued that The Netherlands has to start with these standards already and now Hijink shares this thought as well.
“Many consumers are not aware of the threats”, according to Hijink. “You can increase the awareness but it does not help much when the producers launch its products on the market which are insecure for the normal user.”
Hijink propose to producers to already set up a small number of requirements for products they launch on the market. The parliament will discuss on how to start the investigation to smart gadgets.
A way to test these IoT devices could be by a National Cyber Testbed.