IoT Security Reinforcement Initiative Launched at the White House, Introducing Consumer Labeling System

The Federal Communications Commission (FCC) has proposed a new voluntary program aimed at enhancing the cybersecurity of everyday smart home devices. The initiative, known as the U.S. Cyber Trust Mark, is scheduled to roll out by late 2024 and will cover devices such as refrigerators, televisions, thermostats, and fitness trackers.

The program is a response to the growing concern over the security of smart home devices, with millions of Americans using them for remote work and daily entertainment. In recent months, these devices have become increasingly attractive targets for malicious attacks.

Under the U.S. Cyber Trust Mark, devices that meet specific cybersecurity criteria will receive a U.S. Cyber Trust Mark label. The National Institute of Standards and Technology (NIST) is expected to define these criteria for consumer-grade routers by the end of 2023.

The criteria are designed to ensure strong and default passwords, data protection, software updates, and incident detection. NIST will publish these specific criteria for the program.

The FCC will also introduce a QR code that links to a registry of certified smart home devices. Over 25 billion IoT devices are expected to be in circulation by 2030, making it crucial to better secure home-based networks.

Information security experts consider it critical to secure home-based networks, especially with millions of U.S. workers operating from home office environments. The FCC plans to work with the Department of Justice on oversight and enforcement safeguards to ensure the program's effectiveness.

The Biden administration considers an Energy Star type of consumer labeling program a key part of an effort to strengthen the nation's cyber infrastructure. In addition, the Department of Energy is unveiling a program to develop cybersecurity labeling for smart meters and power inverters, part of a larger plan to develop a safer grid.

The U.S. Cyber Trust Mark is a voluntary labeling program for IoT devices, and it's not the only initiative aimed at improving cybersecurity. In the past, there have been reports of China-linked Volt Typhoon campaigns against U.S. critical infrastructure providers, which involved the compromise of vulnerable home routers and SOHO networks.

In the first half of 2021, more than 1.5 billion attacks were made against IoT devices. This underscores the need for initiatives like the U.S. Cyber Trust Mark to help consumers make informed decisions about the devices they bring into their homes.

Federal Communications Commission Chair Jessica Rosenworcel has proposed this program to provide clear information about the cybersecurity of smart home devices to consumers. The Biden administration has unveiled this consumer labeling plan to strengthen the cybersecurity of smart home devices.