Drew Moseley


The IoT botnet wars, Linux devices, and the absence of basic security hardening

We will discuss the various malware infecting Linux IoT devices, including Mirai, Hajime, and BrickerBot, and the vulnerabilities they leverage to enslave or brick connected devices. We will walk the audience through the specific vectors this malware used to exploit devices and cover some basics of security hardening that would have largely protected against much of the widespread malware.

Some of the fundamental security concepts we will cover include:

  • Closing unused open network ports
  • Intrusion detection systems
  • Enforcing password complexity and policies
  • Removing unnecessary services
  • Frequent software updates to fix bugs and patch security vulnerabilities

We will also delve into the arguments and counter-arguments around vigilante hacking, with Hajime and BrickerBot as examples, and the potential long-term consequences in this new age of connected devices.

Software updates for connected Linux devices: key requirements

A key requirement for connected Linux devices is the ability to deploy remote software updates to them so that bugs, vulnerabilities and new features can be addressed while devices live in the field for up to 10 years.

As part of the Mender.io project, we have interviewed more than 100 embedded developers to understand best practices and the current state of enabling software updates for connected devices today. The key requirements found during this study can be split into the following areas we cover:

  • Robustness
  • Ease
  • Performant
  • Secure
  • Extensible