Climate Tech Trends - 10 Dec 2020

Is edge computing an open door to cyberattacks?

4 min de lecture

123Fab #29

1 topic, 2 key figures, 3 startups to draw inspiration from

Unfortunately, edge-connected devices have added numerous entry points for hackers to target. The vast Mirai botnet attack in 2016 is just one example. By infecting Internet of Things (IoT) devices, the Mirai malware turned 100,000 devices into a network of remote-controlled bots, which had the effect of wiping the east coast of the US off the internet for a day. Another example is the hacking of the internet-connected fish tank in a Las Vegas casino a year later.

Edge Computing is a distributed computing paradigm that brings computation and data storage closer to the data collection point, to improve response times and save bandwidth. Instead of being processed in a data center, data is processed locally in the device itself. While processing often involves normalizing and analyzing the data stream to look for business intelligence, only the results of the analysis are sent back to the principal data center.

In recent years, the Edge Computing market has surged, mainly bolstered by the development of 5G and IoT technologies. While 9% of the world’s data was processed via edge computing in 2020 (compared to 91% via the cloud), it is projected to reach 75% by 2025. As the number of applications grows — autonomous vehicles, industrial manufacturing, smart devices, and homes — edge computing is all the more a significant threat to cybersecurity. Indeed, the computing paradigm is based on connected objects and micro data centers, which are often the weakest links and the most obvious gateways for hackers. Therefore, it has been imperative for integrators and providers to comply with stringent directives and regulations, such as the EU’s General Data Protection Regulation (GDPR), to protect the personal data they hold.

Although the cyberrisks are more limited than those of cloud computing, because hackers have to infiltrate decentralized storage systems to access sensitive information, and because the information is not stored in a single data center, attacks can be more frequent. Indeed, edge computing faces 4 key security concerns:

  1. Architecture — While sending data to the cloud from edge devices is secure (companies control the infrastructure used to encrypt and verify the data), receiving data from the cloud is not. The challenge for companies is to ensure that the data is authenticated and can be safely computed into the IT system. Startup Attila Security helps companies in this respect, by protecting all edge devices and simplifying network security in accordance with National Security standards.
  2. Fragmentation — All IoT devices have to be authenticated and adhere to privacy policies that give network administrators oversight over their data. As it seemed too challenging to impose a universal privacy policy on the infinite number of IoT devices, Microsoft decided to launch Azure Sphere in 2018 to address the IoT fragmentation. It replaces the general-purpose microcontroller units (MCU) used in most of the connected devices with a secure one, designed so that each subsystem of the chip is securely isolated from the others.
  3. Physical security — Devices are vulnerable to theft and infiltration. A simple USB key can be used to upload counterfeit software or firmware that changes the configuration of the device to access the private data. Encrypted tunnels, firewalls, and access control are therefore essential.
  4. User Error — Given the multitude of devices within the edge (connected together and within networks), experts have a hard time implementing cybersecurity solutions. A solution to user errors and external edge attacks is to rely on a third-party management program.

Although there are many solutions to prevent attacks, certain segments present higher risk use cases than others.

  • Autonomous vehicles — Threats are on three levels: control, communication, and sensing. Recently Tencent Keen Security Lab, a Chinese cybersecurity firm, uncovered a range of flaws in BMW’s autonomous vehicles. A team of white-hatted hackers managed to take control of the audio, visual and navigation units without any physical connection. Although BMW has rolled out modifications, it is is all the more alarming as all parts of an autonomous vehicle are managed by a computer. V2V (vehicle-to-vehicle) communication, which is a major source of data for guidance and control systems, is also susceptible to hacking. This can propagate upwards and compromise the security of the control layer.
  • Industry 4.0  Due to the interconnected nature of industry 4.0-driven operations, cyberattacks have far more extensive effects than ever before.  Although no single attack could bring down the entire network, the increasing number of entry points makes it crucial for industrial executives to be apprised of the potential risks. Studies show that more than 50% of small and medium-sized businesses have experienced a cyberattack in the last five years and that manufacturing is one of the most frequently targeted industries. However, in comparison, edge computing is still more secure than the cloud.
  • Home & wearable accessories IoT — While most people are aware of the risks associated with mismanaging passwords of traditional IT devices, most users aren’t accustomed to the risks associated with IoT devices. Two years ago, for instance, a large number of printers were hacked worldwide urging people to subscribe to PewDiePie’s YouTube channel. Connected watches or wireless headphones are also often hacked. Indeed, Bluetooth devices can leave gaps for security breaches.

To conclude, the rapid growth of the edge computing market (often considered more secure, faster and cheaper than cloud computing) goes hand in hand with the multiplication and scattering of cybersecurity challenges. Not because it is new, but due to the volume of data that is processed. There is no magic recipe for the time being, which is why research and investment will undoubtedly increase drastically in the coming years. According to studies, global cybersecurity spending could reach $134 billion in 2022.

2 Key Figures

268 Edge computing startups

registered by Tracxn

Market size expected to reach $43.4bn by 2027

According to Grand View Research, the market size is expected to grow from $2.5bn in 2019 to $43.4bn by 2027, at a CAGR of 37.4%.

3 startups to draw inspiration from

This week, we identified three startups that we can draw inspiration from: Edgescan, EDJX and Clearblade.

Edgescan

Edgescan is an irish startup that delivers full stack vulnerability management, i.e. deep security assessment of web applications, supporting app servers, components and associated hosting environments. They cover off supporting systems in both cloud and edge data center environments.

Read more

EDJX

The USA-based startup EDJX, provides object storage, serverless, and edge services, resulting in zero infrastructure to manage. The company develops hardened and secure nodes suited for industrial environments with low latency.

Read more

ClearBlade

ClearBlade is an edge computing software company enabling enterprises to rapidly engineer and run secure, real-time IoT applications. Clearblade provides sofwares with encryption, authentication, and authorization of API access including tokens and certificates.

Read more
Interested in a startup landscape or in an insights report?
Please fill out our contact form so that we can get back to you very quickly with our product offer.
Same topic
Climate Tech Trends - 10/04/2024

Solving the FOAK Equation—CAPEX & Climate Tech

3 min de lecture
Climate Tech Trends - 10/04/2024

From Cleantech 1.0 Bubble to Climate Tech Era

3 min de lecture
Climate Tech Trends - 10/04/2024

What is Climate Tech?

2 min de lecture