Owners of smart devices such as wireless security cameras and baby monitors should take extra steps to stay safe, according to advice issued today by the National Cyber Security Centre (NCSC) - the government's advice and support organisation for cybersecurity threats.
The NCSC advises that:
Matt Warman, minister for digital at the Department for Digital, Culture, Media and Sport said: 'We are working hard to make the UK the safest place to be online and want everyone to have confidence in their connected devices.
'I recently announced new laws to improve the security standards of internet-connected household products which will hold companies manufacturing and selling these devices to account.
'I urge everyone who owns a smart product to follow the NCSC guidance to make sure their device is secure.'
Which? research demonstrated how many wireless security cameras could be easily hacked to allow malicious parties to snoop on unsuspecting victims, control the camera remotely, and even gain access to a home wi-fi network.
The devices, many of which were produced in Shenzhen, China, were made by little-known brands that are still regularly promoted on Amazon's bestseller page, and with Amazon's Choice logos.
We showed how these cameras could be easily hacked to allow malicious parties to snoop on unsuspecting victims, control the camera remotely, and even gain access to a home wi-fi network.
We also worked with a security researcher to expose how more than 50,000 internet-connected cameras in use across the UK could be putting consumer security at risk.
Amazon declined to comment when we reported the issues and is still selling and promoting many of them.
Caroline Normand, Which? director of advocacy, said: 'Which? has repeatedly exposed serious security flaws with devices, including wireless cameras and children's toys, so mandatory security requirements and strong enforcement that ensures manufacturers, retailers and online marketplaces are held accountable for selling unsecure products is essential.
'Until new laws are in place, it is vital that consumers research smart device purchases carefully, and follow guidance to ensure their devices are protected by strong passwords and receiving regular security updates to reduce the risk of hackers exploiting vulnerabilities.'
The UK government has recently proposed new legislation that aims to help better safeguard consumers from unsecure smart devices in the future, and offer more transparency over usage. This proposal includes requirements that consumer smart devices sold in the UK adhere to the following requirements:
However, timescales on implementation have not been ascertained. It's also yet to be seen what impact any new legislation will have on online marketplaces, who are able to sell products from little-known companies in huge volumes to UK customers, many of which will have undergone little or no security or quality control.
We see this legislation as a critical first step towards preventing security-risk products ending up in people's homes. It's essential that strong enforcement is put in place, and that manufacturers, online marketplaces and retailers are held accountable.