Botnets Trigger IoT Security Battle: Discussing Embedded Security

The rise of Internet of Things (IoT) botnets has become a security threat in emerging industries such as smart homes, smart cities, and industrial networking. Distributed Denial of Service (DDoS) attacks from botnets have been around for some time, and IoT botnets are not new either.

Botnets and Their Potential Threats

A botnet is a network of interconnected devices infected by specific malware, which allows hackers to gain remote control and coordinate DDoS attacks. Botnets, also known as zombie armies, can also be used for spam bombing, stealing sensitive keys, spreading ransomware, and more. For example, an IoT virus can infiltrate traffic light systems, disrupting the infrastructure of smart cities and causing chaos throughout the city. Similarly, hackers can use viruses to raise the temperature of smart homes or increase fuel supply.

A significant distinction is that personal computers and servers are protected by security measures such as antivirus software and firewalls, while IoT devices often lack these security mechanisms, making them ideal targets for botnet viruses. Mirai and another botnet called Bashlight can exploit vulnerabilities in the lightweight Linux systems installed on network cameras and digital video recorders, directing devices to download malware from servers. Afterward, they spread this malware to nearby "zombie" devices by continuously scanning for default or hard-coded usernames and passwords. A large number of interconnected devices are infected in this manner and enlisted in DDoS attacks. In the Mirai attack, over 150,000 network cameras were infected.

Botnets Expose Embedded System Design Flaws

The number of IoT devices is already vast and continues to grow, and Mirai has sounded the alarm for the security of unprotected IoT devices. Gartner predicts that by 2020, over 20.8 billion devices will be connected to the IoT.
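
The credential scanning described above for Mirai and Bashlight leaves a recognisable pattern in device login logs: one source failing against many devices and usernames in a short time. The following is an added detection example, not code from the original article; the log format, thresholds, and the function name `find_scanners` are assumptions, and the log lines are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample in an assumed log format; addresses are documentation ranges.
SAMPLE_LOG = """\
2024-01-15T10:00:01Z cam-01 telnetd: login failed user=root src=203.0.113.5
2024-01-15T10:00:02Z cam-01 telnetd: login failed user=admin src=203.0.113.5
2024-01-15T10:00:04Z dvr-02 telnetd: login failed user=root src=203.0.113.5
2024-01-15T10:00:05Z cam-03 telnetd: login failed user=support src=203.0.113.5
2024-01-15T10:00:07Z cam-03 telnetd: login ok user=admin src=203.0.113.5
2024-01-15T10:05:00Z cam-01 telnetd: login failed user=operator src=198.51.100.9
2024-01-15T10:30:00Z cam-01 telnetd: login ok user=operator src=198.51.100.9
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) telnetd: login (?P<result>failed|ok) "
    r"user=(?P<user>\S+) src=(?P<src>\S+)$"
)

def find_scanners(log_text, window=timedelta(seconds=60), min_hosts=3, min_users=3):
    """Map each scanning source to the devices it also logged in to successfully."""
    failures = defaultdict(list)  # src -> [(timestamp, host, user)]
    successes = defaultdict(set)  # src -> {host}
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # ignore lines in other formats
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
        if m["result"] == "failed":
            failures[m["src"]].append((ts, m["host"], m["user"]))
        else:
            successes[m["src"]].add(m["host"])
    report = {}
    for src, evs in failures.items():
        evs.sort()
        start = 0
        for end in range(len(evs)):
            # Slide the window so it only covers failures within `window` of evs[end].
            while evs[end][0] - evs[start][0] > window:
                start += 1
            span = evs[start:end + 1]
            hosts = {h for _, h, _ in span}
            users = {u for _, _, u in span}
            if len(hosts) >= min_hosts and len(users) >= min_users:
                # Devices this source got into are the ones to isolate and re-credential.
                report[src] = sorted(successes[src])
                break
    return report
```

A single mistyped password, like the second source in the sample, stays below both thresholds and is not reported.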
Mirai reveals the mechanism by which hackers control "zombie" devices and incorporate them into botnets. While emphasizing the importance of embedded security, botnets also expose key flaws in embedded system design:

• The pursuit of miniaturization and low power consumption in IoT devices inevitably reduces the level of embedded security.
• The battery capacity and storage space of IoT devices are only sufficient to perform basic functions, with security considerations ranked after both.
• Urgent design timelines and market pressures lead to the elimination of security module designs.
• Many IoT devices simplify designs and reduce costs by reusing hardware and software modules, which can expose credentials of different categories of IoT devices.
• The operating systems on IoT devices lack transparency and convenient interfaces, complicating virus monitoring. Virus monitoring and detection on IoT devices often rely on complex interfaces such as web browsers or smartphone apps, rather than direct access to the operating system itself.
• Most embedded devices use various versions of Linux systems. These systems can only be secured through proper patching, configuration, and hardening. Hackers are actively working to exploit vulnerabilities in Linux systems on routers and set-top boxes.

IoT botnets have affected devices such as network cameras, Wi-Fi routers, and set-top boxes, and have been used to launch DDoS attacks on gaming servers. Hackers have also attempted to use IoT botnets to infiltrate routers of German telecom companies but ultimately failed.

What's Next?

Smart refrigerators, light bulbs, smart locks, or smart cars? If botnets are unleashed on banks, hospitals, and smart city infrastructures, they could cause even greater destruction.

Robust Multi-layered Security Protection is Key

So, how can we build a robust security system to guard against this "universal card"?
How do we ensure security at all levels, from sensors to IoT nodes to the cloud, to ensure the reliability of multi-layered IoT access points? The essence of embedded system security lies in:

• Developing multi-layered security protection mechanisms in embedded systems, covering secure nodes, storage, networks, and the entire IoT ecosystem.
• Designing reliable embedded hardware.

Multi-layered Security Protection

These best practices to counter IoT botnet viruses are integrated into the security framework within the product development cycle:

Nodes

• Employ secure boot under a hardware-based trusted framework to ensure that IoT devices operate in a known secure state while keeping their content confidential. Secure boot serves as the cornerstone of embedded device security and is the first line of defense against security gaps such as botnet viruses.
• Update firmware. Hackers can use over-the-air (OTA) upgrades to deploy their malicious viruses. Therefore, authentication should be implemented to ensure that IoT devices only retrieve upgrade code from authorized systems.

Networks

• Connect IoT devices only in environments with firewalls. Firewalls will check incoming data and identify threats through the behavior, signatures, IP history, and consistency cross-examination of IoT terminal information.
• Utilize DDoS attack protection services and employ robust content delivery network tools as initial defenses.
• Ensure reliable connections between IoT devices and systems such as cloud services, using encrypted links based on security protocols like Transport Layer Security (TLS).
• Harden implementations of TLS stacks such as OpenSSL by creating additional hardware security layers to eliminate software vulnerabilities.

Secure Storage

IoT systems require robust authentication to identify and verify the identities of nodes and devices.
People often equate security with encryption, but in the face of network threats like botnet viruses, authentication is the cornerstone of IoT security.

Design Secure Embedded Hardware

Embedded security applications for interconnected devices have been overlooked from the beginning. Embedded security should start with designing tamper-proof hardware with complete security solutions, rather than relying solely on a pile of patches and system fixes. Traditional hardware security includes multiple aspects:

• A hardware security module (HSM), which requires a database to store, protect, and manage keys. This necessitates upfront investment in hardware infrastructure and hardware logic.
• A trusted platform module (TPM), which integrates encryption keys into the device's hardware but does not align with the positioning of low-cost IoT applications.
• A security stack built on top of an MPU or MCU. However, this design requires a significant amount of CPU cycles to accelerate application and firmware authentication.

Since security hardware based on a central MPU or MCU brings many computation-intensive operations (such as authentication), it burdens the entire system and reduces system performance, resulting in limited outcomes. For these reasons, traditional hardware security solutions cannot be effectively applied to embedded systems. Instead, dedicated security processors in embedded system hardware design can compensate for software vulnerabilities through hardware key storage and encryption acceleration technologies. At the same time, dedicated processors can more easily harden well-known TLS implementation stacks (such as OpenSSL), enabling IoT nodes to automatically complete authentication with cloud servers.
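
The firmware authentication recommended under Nodes can be sketched as a device-side check that runs before any OTA image is installed. This is an added example, not code from the original article: it uses HMAC-SHA256 from the Python standard library as a stand-in for the asymmetric signature a production device would verify with key material held in hardware, and the key, manifest layout, and function names are hypothetical.

```python
import hashlib
import hmac
import json

# Hypothetical provisioning key, constructed for this example. A real device keeps
# key material in hardware and would normally verify an asymmetric signature.
DEVICE_KEY = b"constructed-demo-key-not-for-production"

def sign_manifest(key, version, image):
    """Build-server side: describe the image and authenticate the description."""
    meta = {
        "version": version,
        "size": len(image),
        "sha256": hashlib.sha256(image).hexdigest(),
    }
    body = json.dumps(meta, sort_keys=True).encode()
    return {"body": body, "tag": hmac.new(key, body, hashlib.sha256).digest()}

def verify_update(key, installed_version, manifest, image):
    """Device side: return (accepted, reason). The tag is checked before parsing."""
    expected = hmac.new(key, manifest["body"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, manifest["tag"]):
        return False, "manifest not authenticated"
    meta = json.loads(manifest["body"])
    if meta["version"] <= installed_version:
        return False, "rollback or replay of an old version"
    if len(image) != meta["size"]:
        return False, "image size mismatch"
    if not hmac.compare_digest(hashlib.sha256(image).hexdigest(), meta["sha256"]):
        return False, "image hash mismatch"
    return True, "ok"

def demo():
    """Run the check against constructed images: genuine, forged, padded, replayed."""
    image = b"\x7fELF constructed firmware image v8"
    good = sign_manifest(DEVICE_KEY, 8, image)
    forged = sign_manifest(b"unauthorized-server-key", 9, b"unauthorized image")
    return [
        verify_update(DEVICE_KEY, 7, good, image),
        verify_update(DEVICE_KEY, 7, forged, b"unauthorized image"),
        verify_update(DEVICE_KEY, 7, good, image + b"\x00"),
        verify_update(DEVICE_KEY, 8, good, image),
    ]
```

The version comparison is what stops an attacker from replaying an older, correctly authenticated image that contains a known vulnerability.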
