Wednesday

28th Sep 2022

EU sets new cybersecurity rules for wireless 'internet of things'

  • Wireless devices like smartphones and tablets are the target of more than 80 percent of cyberattacks (Photo: iStock)
Listen to article

The European Commission has adopted new cybersecurity rules for wireless devices with the aim to prevent online payment fraud and better protect citizens' personal data – after several reports flagged up the risks from toys that spy on children or unencrypted data stored on smartphones.

New legal requirements will cover all types of devices capable of communicating via the internet (except for some medical equipment and aircraft systems) - but also toys and baby monitors as well as 'wearables', like smartwatches and fitness trackers.

Read and decide

Join EUobserver today

Become an expert on Europe

Get instant access to all articles — and 20 years of archives. 14-day free trial.

... or subscribe as a group

The usage of wireless devices is rapidly growing in Europe, where there will be an estimated 7.43bn internet-connected devices by 2030 due to the rise of the 'Internet of Things'.

Today, however, these devices are the target of more than 80 percent of cyberattacks.

Under the new rules, manufacturers will have to set up better control systems for the authentication of the users to make electronic payments safer and reduce the risk of fraud.

During the design process, they will also have to implement new features to prevent the unauthorised access or exchange of personal data or the possibility of using that device to disrupt websites or other services.

These rules will apply to all manufacturers placing their products on the EU market. And harmonised standards will be designed to ensure that manufacturers comply with the new obligations, the EU commission said.

"This is a significant step in establishing a comprehensive set of common European Cybersecurity standards for the products (including connected objects) and services brought to our market," the commissioner for the internal market Thierry Breton said in a statement.

The new rules are part of the actions listed under the Cybersecurity Strategy, presented in December 2020, with the aim to respond to the surge of cyberattacks in Europe driven by a growing online presence.

Legal requirements will enter into force in early 2022, unless EU member states or MEPs raise any objections. But manufacturers will have 30 months to adapt to the new obligations.

The upcoming so-called Cyber Resilience Act is expected to build on these rules, covering more products and looking at their whole life cycle.

Meanwhile, the EU agency for cybersecurity (ENISA) revealed last week that cyberattacks have continued to grow in 2021, with supply-chains attacks being among the main threats.

It adds that cybercriminals are increasingly motivated by the monetisation of their attacks.

Last month, EU member states endorsed the idea of creating a joint cyber unit to address large-scale and cross-border attacks.

Brussels tightens cybersecurity rules days after attack

The European Commission proposed a reform of the bloc's cybersecurity rules . "The time of innocence is over. We know that we are a prime target," warned commission vice-president Margaritis Schinas.

Interview

Cyberattack behind Tigray blackout, says Ethiopia

Hirut Zemene is Ethiopia's ambassador to the European Union. She is demanding for "a balanced view and understanding" by the EU of the conflict in Tigray region. The country is vying for national elections in May.

Cyber-risk from Internet of Things prompts new EU rules

With evermore connected devices on the market, new EU rules aim to minimise cybersecurity risks from innocuous household appliances and industrial operating systems — amid concern over the increasing number of cyberattacks and their cost for companies.

EU reaches deal on flagship cybersecurity law

The European Parliament and EU member states have reached an agreement over new rules intended to protect Europe's public and private critical entities from cyberattacks.

Opinion

What von der Leyen's 'State of Union' didn't mention

Ursula von der Leyen barely noticed that European democracy is under attack not only from external threats, but from within. Two of the world's leading autocratic countries are EU member states.

News in Brief

  1. Gazprom threatens to cut gas deliveries to Europe via Ukraine
  2. New compromise over EU energy emergency measures
  3. 15 states push for EU-wide gas price cap
  4. EU: Nord Stream explosions 'result of a deliberate act'
  5. EU okays €21bn Covid-recovery funding for Italy amid concern
  6. Greece pitches new EU fund to tackle energy prices
  7. Hungary says sanctions 'harming Europe more than Russia'
  8. France aims to start building new nuclear reactors by 2027

Stakeholders' Highlights

  1. UNESDA - Soft Drinks EuropeCall for EU action – SMEs in the beverage industry call for fairer access to recycled material
  2. Nordic Council of MinistersNordic prime ministers: “We will deepen co-operation on defence”
  3. EFBWW – EFBH – FETBBConstruction workers can check wages and working conditions in 36 countries
  4. Nordic Council of MinistersNordic and Canadian ministers join forces to combat harmful content online
  5. European Centre for Press and Media FreedomEuropean Anti-SLAPP Conference 2022
  6. Nordic Council of MinistersNordic ministers write to EU about new food labelling

Latest News

  1. Can King Charles III reset the broken Brexit relationship?
  2. Meloni's navy-blockade plan to stop Libya migrants 'unlikely'
  3. Underwater explosions were detected near Nord Stream leaks
  4. EU countries stall new pesticide rules, blame Ukraine war
  5. The UN's Uyghur report must push EU into China sanctions
  6. Russian diamonds ban 'would cost 10,000 jobs', Antwerp claims
  7. EU should admonish less, and listen more, to the Global South
  8. Foul play suspicions in Nord Stream leaks

Join EUobserver

Support quality EU news

Join us