EU wants to toughen cybersecurity rules for smart devices

The European Union’s executive arm proposed new legislation Thursday that would force manufacturers to ensure that devices connected to the internet meet cybersecurity standards, making the 27-nation bloc less vulnerable to attacks.

The EU said a ransomware attack takes place every 11 seconds, and the global annual cost of cybercrime was estimated at 5.5 trillion euros in 2021. In Europe alone, cyberattacks cost between 180 and 290 billion euros each year, according to EU officials.

The European Commission said an increase of cyberattacks was witnessed during the coronavirus pandemic and that Russia’s war in Ukraine has raised concerns that European energy infrastructure could also be targeted amid a global energy crunch, AP reported.

The law, proposed as the Cyber Resilience Act, aims to remove from the EU market all products with digital elements that are not adequately protected.

The EU’s executive commission said the law would not only reduce attacks but also benefit consumers since it will improve data and privacy protection

“When it comes to cybersecurity, Europe is only as strong as its weakest link, be it a vulnerable member state or an unsafe product along the supply chain,” said Thierry Breton, the EU commissioner for the internal market.

“Computers, phones, household appliances, virtual assistance devices, cars, toys… each and every one of these hundreds of millions of connected products is a potential entry point for a cyberattack.”

Breton said most hardware and software products are currently not subject to any cybersecurity obligations.