The diversity of architecture, exploitation techniques, malware design and processors used in critical telecom infrastructure such Telecom, security, power and defense drastically overlap with the IoT architectures where the use of PowerPC, ARM and MIPS, is extremely prevalent.
Furthermore, IoT devices being utilized in a critical infrastructure capacity are becoming more prevalent such embedded mobile cores, running ARM chipsets being deployed in defense capacity. These devices proxy communications, set up attachments, regulate and manage critical sensors and can even run full embedded virtualized networks. The era of an IoT device simply being an IP camera or a kettle, with minimal interfaces has long past and complexity, as always, has trumped secure and simple design and the need to fully test and integrate these systems has become even more important.
In this talk we will cover some of the common processor and architectures used in IoT devices, the binaries that organizations package and execute using these architectures and some of the security mistakes, best practices and attempted obfuscations that exist across them.
We will then discuss and demonstrate how to build and automate the creation of a virtualized embedded test system (which we nicknamed the malware factory) to fully test and understand interactions between 11 types of different process architecture, extract and execute binaries from embedded devices and emulate embedded systems for safe(r) testing.