The Federal Communications Commission (FCC) has proposed a fine of $734,872 against Eken, a China-based company, due to serious security vulnerabilities in their video doorbells. This action marks a significant step towards enforcing cybersecurity standards in consumer products.
The investigation revealed that Eken failed to respond to inquiries from the FCC and did not maintain an active domestic contact point, which was found to be an inactive mailbox in Colorado since 2019. Consumer Reports had flagged the company's doorbells, sold under various brand names, for exposing users' IP addresses and Wi-Fi network names without encryption, potentially allowing hackers to access home networks.
Notably, the vulnerabilities could enable unauthorized users to take control of the devices through a smartphone app, allowing them to view footage and lock out legitimate users. This incident underscores the urgent need for enhanced cybersecurity measures in the Internet of Things (IoT) sector, where many devices are vulnerable to exploitation.
As part of its consumer protection efforts, the FCC is also promoting a voluntary cybersecurity labeling program for wireless IoT products, aiming to raise awareness and standards among manufacturers and consumers alike.