The voluntary code would also require companies to make their systems resilient to outages.


Mr Dutton said cyber security had never been more important to Australia’s economic prosperity.

“Internet-connected devices are increasingly part of Australian homes and businesses and many of these devices have poor security features that expose owners to compromise,” Mr Dutton said.

“Manufacturers should be developing these devices with security built in by design.

“Australians should be considering security features when purchasing these devices to protect themselves against unsolicited access by cyber criminals.”

The list of IoT devices being compromised is growing, with a casino in the US having its computer system hacked into through a thermometer in a fish tank.

There have been a number of cases of paedophiles overseas hacking into baby monitors. Last year it was revealed a Western Australia mother had been left feeling unsafe after a major security breach in her video baby monitor.

Home security cameras have also been compromised in major privacy breaches.

The government’s new code, which was developed in consultation with industry, will bring Australia into line with other countries such as Britain.

Along with the new industry code, the Australian Cyber Security Centre will on Thursday release “quick and easy tips” to help Australian consumers protect themselves against cyber attacks when buying and using IoT devices.

These include checking it is possible to change the password, asking whether the device is made and sold by a well-known reputable company, confirming the manufacturer provides security updates and finding out what data the device collects and who it will be shared with.


The new code has been developed as part of Australia’s new cyber security strategy, released last month, which will require company directors to have legal duties to ensure a reasonable standard of cyber security.

The nation’s cyber spy agency, the Australian Signals Directorate, will also be given new powers to plug into the networks of critical infrastructure – such as ports, water, power plants and telecommunications – to defend against major cyber attacks.

The Morrison government has been on heightened alert for cyber attacks from criminal networks and state-based actors.

Australian security agencies believe China is behind the cyber raids on all levels of government this year, although the Morrison government has chosen not to name the country involved.

Get our Morning & Evening Edition newsletters

Anthony is foreign affairs and national security correspondent for The Sydney Morning Herald and The Age.


By admin