Critical edge security issues across industries: Cyberattacks on the rise

Inna Ushakova is CEO at AI EdgeLabs, an edge and IoT security provider.

The digital footprint and increasingly distributed IT infrastructures of edge computing are larger than ever.

According to IDC, more than 50% of new enterprise IT infrastructure will be deployed at the edge instead of through data centres by 2023. The global edge computing market will reach $250 billion by 2024 at a compound annual growth rate of 12.5% in the next couple of years.

With so much data flowing and being generated by the millisecond, companies find it radically challenging to protect personal devices, external locations, or cloud-based applications. Most businesses realise that a cyberattack is more a question of “when” and not “if”, as cyber attackers are striking more fiercely and causing more harm than ever before. It’s unsurprising to learn that cybercrime could potentially cost the world over $10.5 trillion annually by 2025.

Only a few examples are needed to illustrate the price businesses must pay for security vulnerabilities. The Stuxnet malware was the first known use of software designed to interrupt operational technology and was launched against an Iranian nuclear plant, causing hundreds of centrifuges to spin out of control and self-destruct.

An Asian OEM’s American business experienced a ransomware attack by the DoppelPaymer gang, who demanded $20 million in exchange for a decryptor and a promise not to leak stolen data.

The high-profile Colonial Pipeline cyber attack caught the attention of not only businesses but also federal governments and President Joe Biden. The hack was deemed a national security threat, as the pipeline moves oil from refineries to industry markets.

There’s a lot to think about and unpack in the cybersecurity conversation. While some are more mature than others in terms of cybersecurity, like the financial sector and telecommunications, all industries need to elevate their cyber defence mechanisms to ensure their technological resilience. 

Cybersecurity outlook across industries

As cyber threats accelerate, the need for effective and immediate change in cybersecurity measures is pressing.

Cyber attackers are no longer just individual actors; they now operate as highly sophisticated organisations that exploit artificial intelligence and machine learning tools and capabilities. And with a larger attack surface, no organisation is truly immune.

From small and mid-size companies to state governments and large enterprises, everyone is exposed and many of today’s sophisticated measures and protocols are insufficient or will soon become obsolete.

Our collectively increasing reliance on digital technologies and solutions heightens the need for strengthened cybersecurity, regardless of industry. Cybersecurity is no longer an afterthought and it’s time organisations took strategic steps to ramp up their protection protocols and measures. 

Edge is experiencing unprecedented momentum among organisations around the world, despite concerns about its perceived risks. In fact, AT&T’s “Securing the Edge” report showed that 75% of survey respondents are planning, have partially, or have fully implemented an edge use case as of today.

Organisations across all industries are eager to adopt new edge approaches and technologies that promote the idea of increased digital transformation and the gradual adoption of updated solutions, technologies, and controls away from legacy conditions.

But what are the cross-industry edge use cases that could potentially increase the attack surface of organisations? AT&T found that 40% stem from Industrial IoT (IIoT) and operational technology (OT) functions, 39.1% are from enterprise IoT functions, 34.4% will be consumer IoT functions, 33.6% belong to edge applications, and 32% are from physical security functions.

The same report also found that ransomware attacks (66.1%) targeting edge network servers and data as well as attacks against user/endpoint devices (65.5%) are the two top security concerns across all industries. With that context in mind, it is important to note there are specific forms of attack that are more prominent than others in each of the main industries.

Energy and utilities

The top three attack vectors in this industry are sniffing attacks against the radio access network, ransomware, and attacks against the 5G core network. For reference, the infamous Colonial Pipeline cyberattack, which is believed to have come from Russia, deprived most of the US East Coast of half its oil and gas reserves for an entire week. 

The attack took place using a legacy Virtual Private Network (VPN) system that did not have multi-factor authentication in place. A single password was used to penetrate the system, and investigators suspect that hackers got the password from a dark web leak.

Financial services

The top three attack vectors in the financial services industry are sniffing attacks against endpoint devices and components, sniffing attacks against the radio access network, and attacks against user/endpoint devices. 

Back in December 2021, crypto trading platform Bitmart experienced a large-scale security breach that enabled hackers to withdraw about $150 million in assets, with some external sources putting the attack closer to $200 million. The company stated the security breach was caused by a stolen private key affecting two of its hot wallets. Hot wallets are connected to the internet and allow owners to gain easy access to their coins so they can spend their crypto.

Healthcare

The top three attack vectors in the healthcare industry are attacks against server/data within the network edge, attacks against associated cloud workloads, and ransomware. 

In fact, data breaches reached an all-time high in 2021 for the healthcare industry, with 45 million individuals affected by healthcare attacks, up from 34 million in 2020.

In January 2021, the Florida Healthy Kids Corporation traced a data breach affecting 3.5 million individuals over a seven-year period. The cyber attack targeted sensitive personal data including full names, dates of birth, email addresses, phone numbers, physical addresses, social security numbers, financial details, and more.

Manufacturing

The top three attack vectors in the manufacturing industry are attacks against user/endpoint devices, ransomware, and attacks against applications within the network edge. 

As the result of a devastating cyberattack involving the LockerGoga ransomware, Norsk Hydro, a multinational aluminium manufacturer with operations in 40 countries, closed many of its plants and was forced to move others offline. 

The attack compromised the firm’s IT systems across multiple business functions, including the company’s smelting plants in Norway, Qatar, and Brazil. The total cost is estimated at $75 million. While the particular method hackers used to enter the company’s network and deploy the ransomware remains unclear, researchers believe they used credentials gathered from a previous phishing attack or bought on the black market.

Retail

The top three attack vectors in the retail industry are attacks against user/endpoint devices, attacks against server/data within the network edge, and ransomware. 

In 2013, Target reported hackers stole data from up to 40 million credit and debit cards, which ended in Target paying the biggest data breach settlement to date at $18.5 million. It’s alleged the data breach enabled attackers to steal over 11 gigabytes of data as they made their way into Target’s corporate network by compromising a third-party vendor with a phishing email. Attackers used the Citadel banking trojan until they were able to obtain login credentials.

Steps to strengthen edge and IoT security

Organisations across all industries, big or small, need to develop security measures that prevent, detect, and mitigate cyber threats and risks of future attacks in real time.

The best approach is to anticipate emerging cyber threats and understand what new defensive capabilities your business can employ today for tomorrow’s threats.

With more data being generated than ever before, more connected devices, and increasing risks of cyber attacks, businesses must equip their security teams with strong tools to prevent and combat attacks. 

Auditing systems regularly with monitoring protocols helps provide clear recommendations on how to solve unique security issues. Advanced network visibility and anomaly detection help keep systems secure. Additionally, enhancing physical security at the edge to prevent unauthorised access to devices helps detect anomalies that signal physical tampering.

Also, applying robust security protocols like threat analytics and real-time remediation protects edge and IoT infrastructures at scale. In fact, analytics-based threat monitoring, traffic inspection, threat modelling, attack surface visibility, and network topology are key to identifying abnormal behaviour.

All in all, real-time threat detection, severity-based prioritisation, threat blockage, and 24/7/365 monitoring help generate effective, accurate, and reliable cybersecurity strategies at the edge, so security teams can detect, respond to, and remediate attacks or threats in real time before there’s even a chance to do any damage.
