Internet of Things Cybersecurity Act of 2017 would require vendors to disclose known vulnerabilities to agencies. The measure would apply only to the U.S. federal government, but the safety features required by the legislation would likely be incorporated into IoT products bought by businesses and consumers. The legislation was written in part, as a reaction to the Mirai Offspring attack that exploited IoT devices that exploited several high profile websites. The number of IoT devices are expected to exceed 20 billion units by 2020, a fact sheet says.”]