January 21, 2018

Okiru puts Billions of IoT devices at risk – How to ensure IoT devices do not fall victim

As predicted, botnet enabled malware attacks continue. The latest discovered is Okiru (meaning Wake Up in Japanese).  Okiru has the potential to reach BILLIONS of Internet of Things (IoT) devices due to its implementation! Okiru’s release specifically highlights the exposure of unsecure IoT devices again and continues to show the sophistication of hackers in utilizing IoT connected devices in orchestrating significant attacks. We at Device Authority can help ensure your IoT devices and applications being deployed for innovative digital transformation solutions are not at risk to such botnet malware.

But first a little background on these botnets and Okiru’s implementation to frame the solution.

In 2016, the Mirai botnet malware took over 1.5 Million IoT devices (mainly connected cameras) to deliver a crippling DDoS attack.  Prior to Mirai, previous malware attacks used infected computers to achieve scale.  Mirai proved that hackers could move beyond computers and use even less secure and more numerous IoT devices to achieve their goals at scale.  There have been a few variants of Mirai since the hackers have released their source code of Mirai and the other versions for others to use in new exploits.  Okiru is the latest version which looks to significantly increase the magnitude of reach.

While we do not know the impact yet of Okiru, researchers have said it has now been found in numerous places. Okiru has the potential to reach BILLIONS of devices due to its specific target of ARC processors.  While ARC may not be a widely recognizable processor name, it is now the 2nd most used CPU core per year after ARM…more the x86, PowerPC, MIPS, etc.  While ARC cores are embedded in many systems, they are commonly found inside other processors (like ARM implementations) and used to perform other functions and accelerations.  Therefore many may not realize these ARC processors are embedded inside other HW or silicon pieces in their systems…putting them even more at risk to Okiru!

We all know more botnet malware attacks will keep coming.  This could continue to have a disastrous impact on the internet. In addition companies can be held liable if their IoT devices are utilized in an attack. So how do you ensure IoT devices are not infected with malware and recruited into massive botnet attacks?

The security approach must be considered for every IoT implementation.  Even if the device is sending data that is not considered sensitive, the device itself needs to be secure to ensure it is not taken over by malware.   Even for companies with security experts in house, IoT solutions present unique challenges to ensure effective security is deployed and easily managed.  Considerations should include:

  • Device Trust – How are devices registered and provisioned? How are identities assigned to devices? How are devices onboarded? How are devices authenticated to maintain integrity?
  • Data Trust – How is data secured to and from devices? How is data stored securely? How are SW/FW updates trusted? How are master images trusted?
  • Operationalizing the Trust at Scale – How are security policies continuously enforced? How are credentials managed?  How are SW/FW updates delivered?


This path to robust IoT security may seem daunting…but it does not have to be.

From Device Authority, our KeyScaler platform delivers this Device and Data Trust at Scale for IoT systems.  KeyScaler addresses all of the considerations defined above (and many others) to provide a simplified yet robust security solution allowing companies to leverage the enterprise grade security they require for IoT. This ensures business disruptions do not occur from poor security of IoT devices and helps safeguard a company’s investment into digital transformation solutions.

Would you like to learn more about KeyScaler and how we can help prevent IoT based botnet malware attacks? Please reach out to us.

Device Authority