A resurgence of interest in edge computing will create new vulnerabilities and open up a new avenue for hackers, says Nick Savvides, Symantec’s chief technology officer for APJ.
Setting out a series of predictions for cyber security developments in 2019, Savvides declared “The edge is back … And IoT is driving it.”
According to Savvides, one of the big problems with edge computing devices is that they will be ‘black boxes’ offering little visibility.
“We have a lot of experience in locking down systems and services and software but a lot of these edge devices are being delivered as virtual appliances that have no visibility,” he said.
“They are delivered as something you turn on, give an IP address and expect to talk everything to talk to it and it to talk to the cloud. This is a big problem.
“We don’t know what the threat landscape is going to bring. We don’t have infinite foresight into vulnerabilities so problems will manifest themselves.”
Another problem, he suggested, was that a compromised edge device could be used to compromise related software in the cloud.
“Can I poison an edge controller and poison machine learning algorithms in the cloud and then manipulate the way other things are operated?” he said.
And also that it could be difficult extending data protection and privacy policies to edge devices.
“Is the data that is collected in a way that is appropriate for GDPR? If I have the right to be forgotten and the data sitting in the cloud is only an aggregate of what is sitting in the edge controllers have I fully met my obligations?”
