The vulnerability of Edge AI

The vulnerability of Edge AI

What are some of the Cybersecurity risks of Edge Computing

Distributing data across a vast network containing numerous devices and data centers operating far from companies’ central locations can create problems with network visibility and control. Each device represents another potentially vulnerable endpoint, and the internet of things (IoT) is notorious for its lack of robust security. Other devices used in edge computing have similar problems: They’re smaller than traditional data center or server setups, not designed with safety in mind, and aren’t always updated as often as they should be.

Moreover, loopholes in edge security can provide hackers easy access to the core of a network. This is of particular concern if edge devices are rushed to market before thorough testing is performed or companies race to adopt the technology without a full understanding of the security risks involved. The smaller size of edge devices also makes them more vulnerable to being stolen or otherwise physically manipulated. Any network in which edge computing is a significant player must be maintained in a unified manner to ensure all devices receive regular updates and proper security protocols are followed. Encryption, patching and the use of artificial intelligence to monitor for, detect and respond to potential threats are all essential, and the responsibility for implementing these security measures falls squarely on companies, not end-users

How is Edge Computing related to AI?

For a while is that edge computing, sometimes called IoT, will be everywhere, and part of most corporate strategies. Mobile phones and other smart devices and sensors have transformed industries, from top to bottom. But the emergence of AI has been surprising in its power to accelerate what is happening on edge. Machine learning and deep learning have combined with increased computing power to make edge devices extraordinarily smart and getting smarter all the time. It’s allowing devices to provide insights and predictive analyses in real-time. Whether it means a small device on a lamp post can now recognize a car that is speeding, who is in the car, and whether they have a license. Or that a manufacturer can see hiccups in its supply chain and proactively avoid unplanned downtime. Or that entirely new service providers can spring up to help companies in areas like risk management or resource efficiency.

Industrial IoT is capturing colossal attention, but consumers are also hungry for the features and applications it enables on every connected device, from smartphones to consumer robots, cars, and more. Soon, 80 percent of all smartphones will have on-device AI. With on-device AI, reliability no longer depends on network availability or bandwidth, and data processing becomes instantaneous. It increases security, keeping sensitive data on the device. On-device AI also conserves network bandwidth and saves power, both on the phone and in the server room.

What are some risks/dangers of running AI at the Edge?

There are several dangers of running AI at the Edge, as AI grows more sophisticated and ubiquitous, the voices warning against its current and future pitfalls grow louder. Whether it’s the increasing automation of specific jobs, gender, and racial bias issues stemming from outdated information sources or autonomous weapons that operate without human oversight, to name just a few, unease abounds on several fronts. And we’re still in the very early stages.

Destructive super intelligence, aka artificial general intelligence that’s created by humans and escapes our control to wreak havoc, is in a category of its own. It’s also something that might or might not come to fruition theories vary, so at this point, it’s less risk than a hypothetical threat and ever-looming source of existential dread. Loopholes in edge security can provide hackers easy access to the core of a network. This is of particular concern if edge devices are rushed to market before thorough testing is performed or companies race to adopt the technology without a full understanding of the security risks involved. The smaller size of edge devices also makes them more vulnerable to being stolen or otherwise physically manipulated.

Statistics/Number

Statistic #1

Number: 70%

Description: 70% of edge devices don’t mandate authentication for third-party APIs. This lack of control makes these devices easy targets for hackers who can not only steal data directly from the tools but also infect them with malicious code or ‘bots.’

Source:https://www.datacenterknowledge.com/industry-perspectives/how-edge-computing-amplifies-security-challenges

Statistic #2

Number: 90%

Description: 90% of cybersecurity issues originate from human error within your organization, not externally. Even more alarming, it can take years to discover insider threats because they are so hard to detect and many of which derive from lack of cyber literacy.

Source:https://chiefexecutive.net/almost-90-cyber-attacks-caused-human-error-behavior/

Statistic #3

Number: 82%

Description: 82% of threats in edge computing is accounted for by distributed denial of service attacks, side-channel attacks, malware injection attacks, and authentication and authorization attacks.

Source:https://www.researchgate.net/publication/333883752_Edge_Computing_Security_State_of_the_Art_and_Challenges

Statistic #4

Number: 62%

Description: 62% of businesses experienced phishing and social engineering attacks at some point in time. While the specifics may vary on how the types of social engineering attacks occur.

Source: https://www.cybintsolutions.com/cyber-security-facts-stats/

Facts

Fact #1

Headline: Phishing gets more sophisticated

Detail: Phishing attacks, in which carefully targeted digital messages are transmitted to fool people into clicking on a link that can then install malware or expose sensitive data, are becoming more sophisticated.

Source:https://www.tripwire.com/state-of-security/security-awareness/6-common-phishing-attacks-and-how-to-protect-against-them/

Fact #2

Headline: Ransomware strategies evolve

Detail: Ransomware attacks are believed to cost victims billions of dollars every year, as hackers deploy technologies that enable them to kidnap an individual or organization’s databases and hold all of the information for ransom.

Source:https://www.webroot.com/blog/2019/02/28/the-ransomware-threat-isnt-over-its-evolving/

Fact #3

Headline: Cryptojacking

Detail: The cryptocurrency movement also affects cybersecurity in some ways. For example, cryptojacking is a tendency that involves cybercriminals hijacking third-party home or work computers to “mine” for cryptocurrency. For businesses, cryptojacking of systems can cause serious performance issues and costly downtime as IT works to track down and resolve the issue.

Source:https://hackernoon.com/cryptojacking-in-2019-is-not-dead-its-evolving-984b97346d16

Fact #4

Headline: Cyber-physical attacks

Detail: The ongoing threat of hacks targeting electrical grids, transportation systems, water treatment facilities, etc., represent a significant vulnerability going forward. According to a recent report in The NYT, even America’s multibillion-dollar military operations are at risk of high-tech foul play.

Source:https://www.nytimes.com/2018/10/10/us/politics/hackers-pentagon-weapons-systems.html

Fact #5

Headline: Mobile malware attacks are growing by the day

Detail: Mobile phones were considered to be more secure than computer devices. However, this immunity has worn out. Mobile malware in the form of spyware, virus, and ransomware is on the rise. The lifestyle category of apps took the largest share with music and audio, as well as books and references following closely.

Source:https://wpsecurityninja.com/7-of-the-most-interesting-facts-about-cyber-security/

Fact #6

Headline: Three industries remain the most vulnerable

Detail: Attackers are paying attention to three sectors in particular. They are government, technology, and retail. Though the industries pay attention to the security of information in the possession, they have the most personal data. This makes it exciting for cyber attackers.

Source:https://wpsecurityninja.com/7-of-the-most-interesting-facts-about-cyber-security/

Fact #7

Headline: Weak security

Detail: The race to market means that security testing is often incomplete if it happens at all. Design flaws, poor coding habits, and other shortcuts or oversights can produce a device that inadequately secures its data and is a threat to other devices on its network and the Internet as a whole.

Source:https://resources.infosecinstitute.com/security-issues-in-edge-computing-and-the-iot/

Fact #8

Headline: Human error is to blame for most of the attacks

Detail: Human error is to blame for most of the attacks. However, the organizations attacked failed to take such simple measures as updating software or taking advantage of solutions already available on the cloud platform.

Source:https://wpsecurityninja.com/7-of-the-most-interesting-facts-about-cyber-security/

Fact #9

Headline: Internet of Things attacks

Detail: Connected devices are handy for consumers, and many companies now use them to save money by gathering immense amounts of insightful data and streamlining business processes. However, more connected devices mean higher risk, making IoT networks more vulnerable to cyber invasions and infections.

Source:https://www.statista.com/statistics/471264/iot-number-of-connected-devices-worldwide/

Fact #10

Headline: Default and weak credentials

Detail: In theory, the average person knows that they are supposed to have unique, strong passwords for their computer login, bank account, email, and so forth. In practice, the average person probably uses the same, weak password for all of these accounts. And these are accounts where the user knows the risks associated with an attacker cracking their password and gaining access to their account.

Source:https://resources.infosecinstitute.com/security-issues-in-edge-computing-and-the-iot/

Fact #11

Headline: Poor service visibility

Detail: Visibility is key to a healthy organizational security posture. If your security team is unaware of the services running on a specific machine, they can’t take the appropriate steps to ensure that it is properly configured and secured. In traditional IT, this is a reasonable well-solved problem. Most computers don’t come running Web servers and other potentially insecure services by default.

Source:https://resources.infosecinstitute.com/security-issues-in-edge-computing-and-the-iot/

Fact #12

Headline: Hackers attack every 399 seconds

Detail: A Clark School study at the University of Maryland is one of the first to quantify the near-constant rate of hacker attacks of computers. In the presence of Internet access, Hackers attack every 39 seconds on average—and the non-secure username and passwords we use that give attackers more chance of success.

Source: https://www.neowin.net/news/hackers-attack-every-39-seconds/