Swiss Watchdog Finds Security flaws in Common IoT Devices
Table of Contents
A new report reveals that many smart devices sold in Switzerland, including smartwatches and baby monitors, fail to meet upcoming EU cybersecurity standards.
A study by the National test Institute for Cyber Security (NTC) has uncovered meaningful security vulnerabilities in a range of internet-connected devices available in Swiss markets. The affected products, which include WLAN routers, smartwatches, and baby cameras, do not comply with the EU’s Radio Equipment Directive (RED), set to take effect on August 1, 2025.
the RED directive mandates that devices with radio interfaces adhere to strict security protocols. These include secure authentication and access control, protected data interaction, secure software updates, and safeguards against manipulation and unauthorized access. These regulations, also binding in Switzerland, aim to enhance the overall security of consumer electronics.
The NTC’s assessment focused on key security mechanisms within these devices, such as authentication processes, access controls, data encryption, and software update procedures. The analysis exposed widespread weaknesses, including easily compromised default passwords, inadequate encryption, and flawed update mechanisms.These shortcomings where present in both budget-pleasant imported goods and products from well-known brands, according to the NTC.
The test institute stated, “The identified weaknesses show a significantly increased area of attack-it is indeed notably questionable that some of these security gaps can be exploited even without in-depth technical knowledge. Devices with such defects are considered non-red-compliant in the future and may no longer be put on the market from August 2025.”
Recommendations for Manufacturers and Consumers
“The identified weaknesses show a significantly increased area of attack.”
The NTC urges manufacturers to proactively implement security requirements based on the “Security by Design” principle. Importers and retailers are advised to carefully assess the compliance of their products with the upcoming regulations.
The NTC also provided guidance for consumers: “Consumers can also contribute to their own security by shopping at established dealers in Switzerland, careful with direct imports, changing standard passwords immediately and installing updates regularly.”
The complete NTC report is available as a PDF on their website.
frequently Asked Questions
- What is the Radio Equipment Directive (RED)?
- the RED is a European Union directive that sets essential requirements for radio equipment to ensure it doesn’t harm health, cause interference, and uses the radio spectrum effectively.
- Why is IoT security crucial?
- With billions of IoT devices in use, securing these devices is crucial to protect personal data, prevent cyberattacks, and ensure the reliable operation of critical infrastructure.
- What can consumers do to improve their IoT security?
- Consumers can improve their IoT security by purchasing devices from reputable dealers, changing default passwords immediately, and regularly installing software updates.