Legislation that establishes baseline cybersecurity standards for government-purchased internet-connected devices is now law. The bill’s chief co-sponsor was Rep. Robin Kelly, D-Ill., who represents the 2nd District, including Homewood and Flossmoor.
The Internet of Things Cybersecurity Improvement Act (HR1668) was signed into law Dec. 4. It covers the Internet of Things (IoT), a term used to describe the growing network of internet-connected devices and sensors. Many IoT devices are often shipped with factory-set, hardcoded passwords that are often can't be updated or patched, Kelly said.
These devices can also represent a weak point in a network’s security, leaving the rest of the network vulnerable to attack.
Kelly said “bad actors” have used IoT devices to launch devastating Distributed Denial of Service (DDoS) attacks against websites, web-hosting servers and internet infrastructure providers. The director of the Defense Intelligence Agency has call IoT devices one of “the most important emerging cyberthreats to our national security.”
The legislation passed the House and Senate with bipartisan support.
Enactment of the Internet of Things is the latest technology and cybersecurity-related effort Kelly has sponsored.
During this Congressional session she also co-authored four white papers on artificial intelligence (AI) policy, introduced a Congressional resolution calling for a government-wide AI strategy, reauthorized the US SAFEWEB Act and decried the negative impacts of the government shutdown from Dec. 22, 2018, to Jan. 25, 2019, on the already-understaffed government IT workforce.