Sens Warner, Gardner think the government has a new cybersecurity problem: The Internet of Things

When hackers took aim at the internet’s backbone in 2016, impeding access to websites like Twitter and Spotify, they did so by weaponizing the Internet of Things — a catch-all category of web-connected devices that includes fitness trackers and smart thermostats. The resulting denial-of-service attack was limited and short-lived, in the end, but cybersecurity fears about IoT remain prevalent — and a group of lawmakers in Congress is now getting to work to ensure the US government raises its own digital defenses in response. That’s the aim of a new bill out Aug 1 by Sens Mark Warner (D-VA) and Cory Gardner (R-CO).

Their measure — called the Internet of Things Cybersecurity Improvement Act of 2017 — is an attempt to force companies that sell wearables, sensors and other web-connected tools to federal agencies to adhere to some new security standards. For example, lawmakers’ new proposal would put into law a requirement that vendors ensure the small, often screenless devices sold to the US government can be patched with security updates. It also prohibits those tech companies from hard-coding passwords into the firmware of the tools they offer the feds.