What will the US Cyber Trust Mark mean for non-technical people?
This question was answered on July 20, 2023. Much of the information contained herein may have changed since posting.
Our appetite for smart gadgets in our homes has opened an attack vector for a variety of bad actors. Smart devices, such as TVs, thermostats, baby monitors, health monitors, and security cameras can be vulnerable because they often incorporate weak security measures.
Estimates are that nearly 17 billion smart devices are now connected to the Internet around the world and are a huge target for hackers: https://cnb.cx/3DprU1K
These devices pose risks to individual consumers and can be used in wide-scale cyber-attacks on critical resources and infrastructure.
Hackers go after the weakest link; in this case, it’s all our Internet-connected smart gadgets.
A government initiative called the US Cyber Trust Mark has been in the works since last year to encourage manufacturers to voluntarily provide more secure devices and offer consumers an easier way to identify them.
It will be much the same as Energy Star or Underwriters Laboratory badges that designate energy savings and safety measures.
The Mark
The mark will be a small shield logo in 5 colors that will appear on smart devices that meet certain security standards that have yet to be defined. It will be accompanied by a QR code that links to detailed information about the standards that the device is complying with.
The thought is that consumers can quickly research items on a shelf for security and privacy concerns before making a purchase.
The reason for the different colors is that devices such as those with a camera, pose different security and privacy risks than those without.
The current discussions cover things like eliminating default passwords, forcing longer, stronger passwords, regular software updates, and secure firmware, which is the software that ultimately controls the capabilities of a piece of hardware.
The hope is that starting next year, this marking system will help consumers choose more secure smart devices that meet these standards.
Your Router
One of the most important devices in your home is the router, which is what connects you to the Internet and shields the connected devices in your home.
If your router is compromised, a remote hacker could gain complete control over your entire network. Making sure complicated security measures don’t require non-technical consumers to read manuals and figure it out on their own is a key focus of this initiative.
It’s No Silver Bullet
One of the risks of this program is that it could encourage users to gain a false sense of total security. Having a really strong password is useless if you use the same one everywhere or fall victim to sophisticated phishing scams that reveal your passwords.
This new program is one small layer that can help consumers be safer, but it shouldn’t be looked at as the ultimate security blanket.
Don’t Wait
You shouldn’t wait for this initiative to secure your own devices, especially if you're still using easy-to-crack 8-character passwords or haven’t activated Multi-Factor Authentication (https://bit.ly/3rAG9ho) on your existing accounts.
You can easily make your passwords more secure by doubling your existing 8-characters to 16 and creating new ones if you haven’t done so in a couple of years.
About the author
Posted by Ken Colburn of Data Doctors on July 20, 2023
Need Help with this Issue?
We help people with technology! It's what we do.
Contact or Schedule an Appointment with a location for help!