FCC suggests IoT device standards, consumer labels could play significant role
Dec 05 2016
WASHINGTON – U.S. Sen. Mark R. Warner (D-VA) applauded the response of the Federal Communications Commission (FCC) to his October 25th letter raising concerns about the proliferation of insecure Internet of Things (IoT) devices. Sen. Warner, co-founder of the bipartisan Senate Cybersecurity Caucus and the incoming Vice Chair of the Senate Intelligence Committee, said the FCC response, which offers a plan to reduce risks from insecure devices, provides the incoming Trump Administration with a roadmap for additional work in this area.
The FCC letter resulted from Sen. Warner’s questions about the October 2016 Mirai botnet attack, which utilized vulnerable devices such as internet-connected cameras and DVRs to temporarily overwhelm popular Internet sites including Twitter, Amazon, Tumblr, Reddit, Spotify and Netflix. In the past week, a sophisticated variant of Mirai reportedly infected over one-million routers in Germany, the United Kingdom and Brazil.
“The Commission’s response to my questions validates my concerns about the risk of crippling cyberattacks made easier through connected consumer appliances and wirelessly connected household devices,” Sen. Warner said. “The FCC chairman confirms that internet service providers already have the authority – if not the responsibility – to protect their networks by blocking malicious and harmful traffic. I also am pleased to learn the FCC also has been discussing improved tools, including setting security standards for IoT devices, to better protect consumers as well as the broader Internet.”
“The commission’s proposal for a device certification process, either by the agency or through industry self-certification, deserves strong consideration,” Sen. Warner continued. “Similarly, the FCC’s suggestion of consumer labeling requirements echoes the call by many security experts for metrics that will empower and educate consumers. I strongly urge the incoming Trump Administration to make cybersecurity a top priority, because we simply must move forward with responsible new initiatives to better engage consumers, manufacturers, retailers, internet sites and service providers in improving our nation’s cybersecurity posture.”