On Augst 1, 2017, a group of U.S. senators plans to introduce legislation designed to address vulnerabilities in Internet-connected devices, or Internet of Things (IoT) devices, according to Reuters.
The bill, called the Internet of Things Cybersecurity Improvement Act of 2017, requires that any vendors providing Internet-connected equipment to the U.S. government must ensure their products are patchable and conform to industry security standards. Vendors would also be prohibited from supplying devices with unchangeable passwords or known security vulnerabilities.
Sens. Mark Warner (D-Va.), Steve Daines (R-Mont.), Cory Gardner (R-Colo.) and Ron Wyden (D-Wash.) introduced the legislation.
Hackers have been increasingly using IoT devices to breech systems , resulting in such high-profile attacks as the one that took down an Internet switchboard in October of 2016 and temporarily knocked sites such as Twitter and The New York Times offline.
According to an article in The Hill, the bill has support from prominent security, Internet and privacy researchers, including Harvard’s Jonathan Zittrain and Bruce Schneier; Jeff Greene, senior director of global government affairs and policy at Symantec; and Michelle Richardson, deputy director of the Freedom, Security and Technology Project at Center for Democracy and Technology.