{"guid":"f0851394-22b0-440c-aafc-e8690fc1cf51","title":"The IoT botnet wars, Linux devices, and the absence of basic security hardening","subtitle":null,"slug":"ASG2017-129-the_iot_botnet_wars_linux_devices_and_the_absence_of_basic_security_hardening","link":"https://c3voc.de","description":"We will discuss the various malware infecting Linux IoT devices including Mirai, Hajime, and BrickerBot and the vulnerabilities they leverage to enslave or brick connected devices. We will walk the audience through specific vectors they used to exploit devices and cover some basics in security hardening that would have largely protected from many of the widespread malware.\n\nSome of the fundamental security concepts we will cover include:\n\nClosing unused open network ports\nIntrusion detection systems\nEnforcing password complexity and policies\nRemoving unnecessary services\nFrequent software updates to fix bugs and patch security vulnerabilities\n\nWe will also delve into the arguments and counter-arguments of vigilante hacking with Hajime and BrickerBot as examples and the potential long-term consequences in this new age of connected devices.","original_language":"eng","persons":["Drew Moseley "],"tags":["ASG2017","129"],"view_count":298,"promoted":false,"date":"2017-10-21T00:00:00.000+02:00","release_date":"2017-10-21T02:00:00.000+02:00","updated_at":"2025-09-11T09:15:07.251+02:00","length":1722,"duration":1722,"thumb_url":"https://static.media.ccc.de/media/events/all_systems_go/2017/129-hd.jpg","poster_url":"https://static.media.ccc.de/media/events/all_systems_go/2017/129-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/events/all_systems_go/2017/f0851394-22b0-440c-aafc-e8690fc1cf51-timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/events/all_systems_go/2017/f0851394-22b0-440c-aafc-e8690fc1cf51-thumbnails.vtt","frontend_link":"https://media.ccc.de/v/ASG2017-129-the_iot_botnet_wars_linux_devices_and_the_absence_of_basic_security_hardening","url":"https://api.media.ccc.de/public/events/f0851394-22b0-440c-aafc-e8690fc1cf51","conference_title":"All Systems Go! 2017","conference_url":"https://api.media.ccc.de/public/conferences/asg2017","related":[{"event_id":4634,"event_guid":"a7628d54-2031-4aab-b44b-7a7aab984807","weight":18},{"event_id":4638,"event_guid":"4701a208-608c-44b7-ad04-5d708cc347da","weight":31},{"event_id":4640,"event_guid":"673928f6-6777-4da7-aac3-e36dfea16063","weight":39},{"event_id":4644,"event_guid":"b607796c-ce58-43ee-afbd-f5fe2008ac66","weight":19},{"event_id":4646,"event_guid":"3e4263fb-2d17-486b-8f41-24b19ef64ffb","weight":29},{"event_id":4649,"event_guid":"0386da26-f42d-4808-a965-a5f9a0469d79","weight":27},{"event_id":4653,"event_guid":"468f5a67-1aab-492d-9aec-6ef220badc52","weight":23},{"event_id":4661,"event_guid":"dab1e9be-7bea-4997-a4d5-cde9097bc683","weight":17},{"event_id":4672,"event_guid":"6d9e8e7e-9250-4c9e-a050-90234d40f873","weight":17},{"event_id":4674,"event_guid":"22578f18-885b-4dce-a952-32ea3973ca15","weight":26},{"event_id":4680,"event_guid":"196e78e5-f6c5-42b0-84a9-f05428ddd550","weight":27},{"event_id":4684,"event_guid":"e829a025-7ad0-4ad0-8dd1-274490f7987f","weight":32}],"recordings":[{"size":88,"length":1722,"mime_type":"video/mp4","language":"eng","filename":"ASG2017-129-eng-The_IoT_botnet_wars_Linux_devices_and_the_absence_of_basic_security_hardening_hd.mp4","state":"new","folder":"h264-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2017-10-21T19:06:20.703+02:00","recording_url":"https://cdn.media.ccc.de/events/all_systems_go/2017/h264-hd/ASG2017-129-eng-The_IoT_botnet_wars_Linux_devices_and_the_absence_of_basic_security_hardening_hd.mp4","url":"https://api.media.ccc.de/public/recordings/19897","event_url":"https://api.media.ccc.de/public/events/f0851394-22b0-440c-aafc-e8690fc1cf51","conference_url":"https://api.media.ccc.de/public/conferences/asg2017"},{"size":52,"length":1722,"mime_type":"video/webm","language":"eng","filename":"ASG2017-129-eng-The_IoT_botnet_wars_Linux_devices_and_the_absence_of_basic_security_hardening_webm-sd.webm","state":"new","folder":"webm-sd","high_quality":false,"width":720,"height":576,"updated_at":"2017-10-21T21:27:08.399+02:00","recording_url":"https://cdn.media.ccc.de/events/all_systems_go/2017/webm-sd/ASG2017-129-eng-The_IoT_botnet_wars_Linux_devices_and_the_absence_of_basic_security_hardening_webm-sd.webm","url":"https://api.media.ccc.de/public/recordings/19935","event_url":"https://api.media.ccc.de/public/events/f0851394-22b0-440c-aafc-e8690fc1cf51","conference_url":"https://api.media.ccc.de/public/conferences/asg2017"},{"size":26,"length":1716,"mime_type":"audio/mpeg","language":"eng","filename":"ASG2017-129-eng-The_IoT_botnet_wars_Linux_devices_and_the_absence_of_basic_security_hardening.mp3","state":"new","folder":"mp3","high_quality":false,"width":0,"height":0,"updated_at":"2017-10-21T21:27:37.545+02:00","recording_url":"https://cdn.media.ccc.de/events/all_systems_go/2017/mp3/ASG2017-129-eng-The_IoT_botnet_wars_Linux_devices_and_the_absence_of_basic_security_hardening.mp3","url":"https://api.media.ccc.de/public/recordings/19936","event_url":"https://api.media.ccc.de/public/events/f0851394-22b0-440c-aafc-e8690fc1cf51","conference_url":"https://api.media.ccc.de/public/conferences/asg2017"},{"size":43,"length":1722,"mime_type":"video/mp4","language":"eng","filename":"ASG2017-129-eng-The_IoT_botnet_wars_Linux_devices_and_the_absence_of_basic_security_hardening_sd.mp4","state":"new","folder":"h264-sd","high_quality":false,"width":720,"height":576,"updated_at":"2017-10-21T21:29:11.262+02:00","recording_url":"https://cdn.media.ccc.de/events/all_systems_go/2017/h264-sd/ASG2017-129-eng-The_IoT_botnet_wars_Linux_devices_and_the_absence_of_basic_security_hardening_sd.mp4","url":"https://api.media.ccc.de/public/recordings/19939","event_url":"https://api.media.ccc.de/public/events/f0851394-22b0-440c-aafc-e8690fc1cf51","conference_url":"https://api.media.ccc.de/public/conferences/asg2017"},{"size":22,"length":1716,"mime_type":"audio/opus","language":"eng","filename":"ASG2017-129-eng-The_IoT_botnet_wars_Linux_devices_and_the_absence_of_basic_security_hardening.opus","state":"new","folder":"opus","high_quality":false,"width":0,"height":0,"updated_at":"2017-10-21T21:29:42.450+02:00","recording_url":"https://cdn.media.ccc.de/events/all_systems_go/2017/opus/ASG2017-129-eng-The_IoT_botnet_wars_Linux_devices_and_the_absence_of_basic_security_hardening.opus","url":"https://api.media.ccc.de/public/recordings/19940","event_url":"https://api.media.ccc.de/public/events/f0851394-22b0-440c-aafc-e8690fc1cf51","conference_url":"https://api.media.ccc.de/public/conferences/asg2017"},{"size":122,"length":1722,"mime_type":"video/webm","language":"eng","filename":"ASG2017-129-eng-The_IoT_botnet_wars_Linux_devices_and_the_absence_of_basic_security_hardening_webm-hd.webm","state":"new","folder":"webm-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2017-10-21T21:44:23.825+02:00","recording_url":"https://cdn.media.ccc.de/events/all_systems_go/2017/webm-hd/ASG2017-129-eng-The_IoT_botnet_wars_Linux_devices_and_the_absence_of_basic_security_hardening_webm-hd.webm","url":"https://api.media.ccc.de/public/recordings/19967","event_url":"https://api.media.ccc.de/public/events/f0851394-22b0-440c-aafc-e8690fc1cf51","conference_url":"https://api.media.ccc.de/public/conferences/asg2017"}]}