Top E&C Democrats Call for Strong Security Measures for IoT Devices

The top Democrats on the House Energy and Commerce Committee and its Commerce, Manufacturing, and Trade Subcommittee are urging the Federal Trade Commission to ensure the makers of Internet of Things devices have “strong security measures” in place to protect from cyberattacks.

“It is time for the FTC to strongly reinforce to both consumers and device manufacturers the need to adopt strong security measures,” Reps. Frank Pallone of New Jersey and Schakowsky of Illinois wrote in a Thursday letter to FTC Chairwoman Edith Ramirez.  “The FTC should call on IoT device manufacturers to implement security measures, including patching vulnerabilities and requiring consumers to change the default passwords on devices during the set-up process.”

The agency should also “alert consumers to the security risks posed by continuing to use default passwords on IoT devices,” the lawmakers added.

The letter comes in response to an Oct. 21 cyberattack that manipulated IoT devices through a distributed denial of service attack that delayed or hindered some U.S. users from accessing some websites, including Twitter and The New York Times.

“It is highly probable that these types of cyberattacks will continue and become more common,” Pallone and Schakowsky wrote. “Security experts have warned that although the recent DDoS attack was historic given the technical capabilities employed and the volume of devices exploited, similar disruptions will likely occur in the future.”

Pallone and Schakowsky also joined California Rep. Anna Eshoo, the ranking member on the Communications and Technology Subcommittee, and two other full committee Democrats on Monday in calling for a hearing on the IoT-triggered attack.