Protect Against Vulnerabilities in IoT Devices With Live Patching - TuxCare
TuxCare Blog News

Protect Against Vulnerabilities in IoT Devices With Live Patching

July 24, 2019

pav social post fb-lnkd

The Internet of Things was born the moment that internet connectivity expanded beyond the setup of a computer hooked up to a router. Today, there is an ever-growing abundance of “things” possessing internet capabilities. These can be flashy, like driverless cars, Fitbits, or an Amazon Echo. Or they can be more prosaic, like coffee makers or washing machines. Gartner predicts that, by 2020, there will be 20 -billion Things connected to the Internet.

A majority of embedded systems constitute internet-connected Things. A clear case is the modern smart factory, where industrial automation relies upon online connectivity to operate smoothly via a network of physical nodes. Most of these embedded systems use ARM chips and device architectures, and run on an operating system based on the Linux kernel.

Get a FREE 7-Day Supported Trial of KernelCare 

IoT appliances and devices are wise to use Linux. It allows for multiple suppliers of software, development and support; it has a stable kernel; and it facilitates the ability to modify and redistribute the source code. However, an IoT device running on Linux is as just as susceptible to vulnerabilities as any other Linux system. Worse, because of the nefarious opportunities unique to various types of IoT device, they are even more vulnerable to the attention of hackers.

For example: In January, seven different upstream kernel vulnerabilities emerged, all of which could enable a local malicious application to execute arbitrary code within the context of a privileged process. In May, a Kernel vulnerability (CVE-2019-2054) was discovered that could allow a local attacker to escalate privileges without additional execution privileges. Just last month, a weakness was found (CVE-2019-2101) that could enable a local malicious application to bypass OS protections that isolate application data from other applications. What this means is that – even more pressingly than with other systems – IoT devices with chips running on the Linux kernel need their security to be watertight. 

Eliminate Rebooting

And if you’re rebooting to patch your kernel, you’re not nearly as secure as you could be. Rebooting is the method that most software companies use to apply patch updates to their servers. But because rebooting is a hassle, off-lining websites, kernel patching is always delayed, for weeks or even months.

This gap between patch issue and patch application will leave IoT devices open to every attacker in cyberspace. If you aren’t applying kernel patches as soon as possible, then you are leaving yourself exposed to hackers who know all the current vulnerabilities, and are eager to exploit them to spy, steal or disrupt.

The Internet of Things is a technological marvel, but it is more important than ever not to allow kernel vulnerabilities to linger for a moment longer than necessary. IoT Attacks have Increased up to 300% in 2019. Malware like Silex won’t stop appearing and patches to combat it will continue to be required. Don’t let Silex wipe your IoT devices –  live patch their kernels, without delay. Start live patching today.

Related posts:

  1. What is Advanced RISC Machine
  2. Which Linux Distro is Best for Embedded Development?
  3. Arm-based microprocessors need Linux kernel live patching
  4. Secure Devices with KernelCare IoT
  5. 5 Things to See at ELC Europe 2019

TuxCare can help you reduce your risk window to data exfiltration and other cyber security threats.

TALK TO A CYBERSECURITY EXPERT

Expert knowledge of Linux security tips,
live patching education, and Cybersecurity news.

Stay updated with the latest news and announcements from TuxCare.com

Related Articles

The Bugs Behind the Vulnerabilities...

We continue to look at the code issues that cause...

November 14, 2022

Cybersecurity insurance and fine print:...

Catastrophic risks such as natural disasters and indeed cyberattacks require...

June 29, 2022

IT Automation With Live...

In a symphony orchestra, instruments harmonize to create one pleasing...

June 20, 2022

KernelCare ePortal updated – version...

We are pleased to announce that a new updated ePortal version...

June 16, 2022

KernelCare agent update – version...

We are pleased to announce that a new updated KernelCare agent...

June 2, 2022

KernelCare ePortal updated – version...

We are pleased to announce that a new updated ePortal version...

May 26, 2022

Resources

State of Enterprise Linux Cybersecurity ... Read More State of Enterprise Linux Cybersecurity ...
Dangerous remotely exploitable vulnerability ... Read More Dangerous remotely exploitable vulnerability ...
Securing confidential research data ... Read More Securing confidential research data ...
State of Enterprise Vulnerability Detection ... Read More State of Enterprise Vulnerability Detection ...
Demand for Rapid Risk Elimination for ... Read More Demand for Rapid Risk Elimination for ...
TuxCare Free Raspberry Pi Patching Read More TuxCare Free Raspberry Pi Patching