California has approved on September the first IoT security Senate Bill 327 in the USA, as an attempt to cope with the risk of IoT-based attacks. The bill will take effect on January 1, 2020, and will require manufactures of connected devices to equip their devices with a reasonable security feature during production time, or to ensure that the user is forced to add one while using the device for the first time.
Despite the importance of this bill that recognizes the security risks in Iot devices, the opponents argue that this law does not addresses the real threats. To do so, there is no need to add security features but to remove the insecure features, such as listening ports.
To emphasize the risks involved, security experts published this month a warning of a new IoT attack, which is much more advanced and stealthy than the ‘Mirai’ attack in 2016 and is capable of risking a wide range of devices.