123Fab #29
1 topic, 2 key figures, 3 startups to draw inspiration from
Unfortunately, edge-connected devices have added numerous entry points for hackers to target. The vast Mirai botnet attack in 2016 is just one example. By infecting Internet of Things (IoT) devices, the Mirai malware turned 100,000 devices into a network of remote-controlled bots, which had the effect of wiping the east coast of the US off the internet for a day. Another example is the hacking of the internet-connected fish tank in a Las Vegas casino a year later.
Edge Computing is a distributed computing paradigm that brings computation and data storage closer to the data collection point, to improve response times and save bandwidth. Instead of being processed in a data center, data is processed locally in the device itself. While processing often involves normalizing and analyzing the data stream to look for business intelligence, only the results of the analysis are sent back to the principal data center.
In recent years, the Edge Computing market has surged, mainly bolstered by the development of 5G and IoT technologies. While 9% of the world’s data was processed via edge computing in 2020 (compared to 91% via the cloud), it is projected to reach 75% by 2025. As the number of applications grows — autonomous vehicles, industrial manufacturing, smart devices, and homes — edge computing is all the more a significant threat to cybersecurity. Indeed, the computing paradigm is based on connected objects and micro data centers, which are often the weakest links and the most obvious gateways for hackers. Therefore, it has been imperative for integrators and providers to comply with stringent directives and regulations, such as the EU’s General Data Protection Regulation (GDPR), to protect the personal data they hold.
Although the cyberrisks are more limited than those of cloud computing, because hackers have to infiltrate decentralized storage systems to access sensitive information, and because the information is not stored in a single data center, attacks can be more frequent. Indeed, edge computing faces 4 key security concerns:
- Architecture — While sending data to the cloud from edge devices is secure (companies control the infrastructure used to encrypt and verify the data), receiving data from the cloud is not. The challenge for companies is to ensure that the data is authenticated and can be safely computed into the IT system. Startup Attila Security helps companies in this respect, by protecting all edge devices and simplifying network security in accordance with National Security standards.
- Fragmentation — All IoT devices have to be authenticated and adhere to privacy policies that give network administrators oversight over their data. As it seemed too challenging to impose a universal privacy policy on the infinite number of IoT devices, Microsoft decided to launch Azure Sphere in 2018 to address the IoT fragmentation. It replaces the general-purpose microcontroller units (MCU) used in most of the connected devices with a secure one, designed so that each subsystem of the chip is securely isolated from the others.
- Physical security — Devices are vulnerable to theft and infiltration. A simple USB key can be used to upload counterfeit software or firmware that changes the configuration of the device to access the private data. Encrypted tunnels, firewalls, and access control are therefore essential.
- User Error — Given the multitude of devices within the edge (connected together and within networks), experts have a hard time implementing cybersecurity solutions. A solution to user errors and external edge attacks is to rely on a third-party management program.
Although there are many solutions to prevent attacks, certain segments present higher risk use cases than others.
- Autonomous vehicles — Threats are on three levels: control, communication, and sensing. Recently Tencent Keen Security Lab, a Chinese cybersecurity firm, uncovered a range of flaws in BMW’s autonomous vehicles. A team of white-hatted hackers managed to take control of the audio, visual and navigation units without any physical connection. Although BMW has rolled out modifications, it is is all the more alarming as all parts of an autonomous vehicle are managed by a computer. V2V (vehicle-to-vehicle) communication, which is a major source of data for guidance and control systems, is also susceptible to hacking. This can propagate upwards and compromise the security of the control layer.
- Industry 4.0 — Due to the interconnected nature of industry 4.0-driven operations, cyberattacks have far more extensive effects than ever before. Although no single attack could bring down the entire network, the increasing number of entry points makes it crucial for industrial executives to be apprised of the potential risks. Studies show that more than 50% of small and medium-sized businesses have experienced a cyberattack in the last five years and that manufacturing is one of the most frequently targeted industries. However, in comparison, edge computing is still more secure than the cloud.
- Home & wearable accessories IoT — While most people are aware of the risks associated with mismanaging passwords of traditional IT devices, most users aren’t accustomed to the risks associated with IoT devices. Two years ago, for instance, a large number of printers were hacked worldwide urging people to subscribe to PewDiePie’s YouTube channel. Connected watches or wireless headphones are also often hacked. Indeed, Bluetooth devices can leave gaps for security breaches.
To conclude, the rapid growth of the edge computing market (often considered more secure, faster and cheaper than cloud computing) goes hand in hand with the multiplication and scattering of cybersecurity challenges. Not because it is new, but due to the volume of data that is processed. There is no magic recipe for the time being, which is why research and investment will undoubtedly increase drastically in the coming years. According to studies, global cybersecurity spending could reach $134 billion in 2022.
2 Key Figures
268 Edge computing startups
registered by Tracxn
Market size expected to reach $43.4bn by 2027
According to Grand View Research, the market size is expected to grow from $2.5bn in 2019 to $43.4bn by 2027, at a CAGR of 37.4%.
3 startups to draw inspiration from
This week, we identified three startups that we can draw inspiration from: Edgescan, EDJX and Clearblade.
Edgescan
Edgescan is an irish startup that delivers full stack vulnerability management, i.e. deep security assessment of web applications, supporting app servers, components and associated hosting environments. They cover off supporting systems in both cloud and edge data center environments.
EDJX
The USA-based startup EDJX, provides object storage, serverless, and edge services, resulting in zero infrastructure to manage. The company develops hardened and secure nodes suited for industrial environments with low latency.
ClearBlade
ClearBlade is an edge computing software company enabling enterprises to rapidly engineer and run secure, real-time IoT applications. Clearblade provides sofwares with encryption, authentication, and authorization of API access including tokens and certificates.