There are many reasons why security hardening should be on the agenda of device vendors, but three in particular are most often the chief concerns.
First. As an increasing number of Linux devices connect to the internet, these devices are becoming popular attack surfaces for people with malicious intent. The ease of connecting and deploying these devices to enterprise wireless internet systems is a significant selling point, but it also makes them yet another target for those seeking to exploit those same enterprise systems.
Second. Attackers are becoming more aware of Linux devices. As Scott Murray of the Konsulko Group explained at the Yocto Project Virtual DevDay in 2020, it’s trivial to scan all IPv4 devices using a search engine like shodan.io, the world’s first search engine for connected devices. Customers, in turn, cannot be relied upon to follow vendor guidelines and may connect their devices directly to the internet, and Universal Plug and Play may make services on a device unexpectedly visible.
Third. The attacks on connected Linux devices may not be direct. Devices might instead be leveraged as part of a criminal botnet or as part of a DDoS attack. Such security breaches are not directly targeting the data on the device, nor its core functionality, but rather exploiting its connected status and processing power to execute code that enables an attack on a second device, enterprise, or server.
This is why security hardening is a priority for device vendors and a consistent focus for embedded software and connected device developers. And for Linux devices and developers, Yocto is often an important arrow in their quiver.