CONFERENCE On Demand: Cyber AI & Automation Summit - Watch Now
Connect with us

Hi, what are you looking for?


Network Security

The Intelligent Edge: An Increasing Target for Bad Actors

The traditional network perimeter has been replaced with multiple edge environments. These include WAN, multi-cloud, IoT, home offices, the new device edge, and more. Each edge environment comes with its own set of unique risks and vulnerabilities, which is why they have become a prime target for cybercriminals, who are shifting significant resources to strategically target and exploit emerging network edge environments.

The traditional network perimeter has been replaced with multiple edge environments. These include WAN, multi-cloud, IoT, home offices, the new device edge, and more. Each edge environment comes with its own set of unique risks and vulnerabilities, which is why they have become a prime target for cybercriminals, who are shifting significant resources to strategically target and exploit emerging network edge environments. Organizations need the right knowledge and the right resources to remain protected as these and newer threats emerge.

The rise of the intelligent edge

The new “intelligent edge” is one of the biggest trends impacting businesses across industries. The intelligent edge is widely defined as the combination of advanced wireless connectivity, compact processing power, and AI to analyze and aggregate data in a location as close as possible to where it is captured in a network. One outcome of this is the emergence of the distributed cloud, where ad hoc networks are created dynamically by groups of endpoint devices running a common virtual platform. This intelligent edge, sometimes known as “intelligence at the edge” has huge ramifications for the interaction between mobile and IoT devices and the rest of the network.

Deloitte predicts the global market for the intelligent edge will reach $12 billion in 2021, driven in part by expanding 5G networks and hyperscale cloud. There is great potential for those organizations able to harness the potential of the intelligent edge, but there’s also increased opportunity for cybercriminals to ply their trade in new ways.

New risks introduced 

If the history of cybersecurity has taught us anything, it’s that any time that we implement a new tool, a new capability, or a new functionality, security threats follow. Given the rate of adoption and the number of devices involved, it’s no surprise that attackers see the intelligent edge as a ripe opportunity. All we need to do is to look at how these tools can be weaponized to understand what we will soon be up against as bad actors innovate.

Compounding the challenge further, all of these edges are interconnected through applications and workflows, and there isn’t always consistent security in place to provide centralized visibility. In fact, unified controls and centralized visibility are sometimes being sacrificed in favor of performance and agility levels that many traditional security solutions cannot provide. This is one of the most significant advantages of the intelligent edge for cybercriminals. And as smart devices increasingly become an integral part of our lives, successfully compromising these systems could enable attackers to turn off local security systems, disable cameras, and even hijack smart appliances and hold them for ransom.

But that’s only the beginning. More sophisticated attackers will also use compromised edge networks and connected home systems as a springboard to other things. They may, for instance, carefully coordinate corporate network attacks launched from a remote employee’s home network. And it will be able to mask such attacks–particularly when usage trends are clearly understood–so they don’t raise suspicions. Intelligent malware that has access to stored connectivity data can hide much more easily.

Advertisement. Scroll to continue reading.

In addition, advanced malware can sniff data using new EATs (or Edge Access Trojans) to do things like intercept voice requests off the local network to inject commands or compromise systems. Compromising and leveraging 5G-enabled devices will accelerate the speed at which attacks can occur, as well create new opportunities for emerging advanced threats.

What organizations can do 

Staying ahead of this new threat landscape requires high performance security solutions augmented with advanced detection, analysis, and response capabilities. In addition to using AI to enable an automated system that can detect threats and attacks before they occur, security teams can also use AI to document the behaviors of cybercriminal activity in detail. This results in playbooks that can help identify an attack, anticipate an attacker’s next moves, not only stopping their threat mid-attack, before they can complete their mission or achieve their objectives, but even anticipating attacks and taking appropriate countermeasures.

As AI and machine learning systems are more deeply integrated into network security systems, the ability of IT teams to build out such playbooks is not far from reality. In fact, various threat research organizations are already using basic playbooks using schemes like the MITRE ATT&CK framework to standardize behaviors and methodologies.

Defending the intelligent edge

As technology changes and provides new opportunities for organizations, cybercriminals are close by, lurking in the shadows and innovating new ways to exploit those new technologies. And as organizations implement new security tools and procedures, malicious actors will only grow more advanced in their attack methods, resulting in a continuous game of one-upmanship. But the emerging intelligent edge creates an exponentially larger attack surface than anything before. Intelligent malware designed to target these new devices and the arrival of things like new Edge Access Trojans are just two of the more recent threats CISOs have to deal with as they try to secure their edge. Organizations need to extend their security strategies across the infrastructure, leveraging things like EDR and behavioral analytics tools to identify threats and protect known and unknown vulnerabilities on these devices, and by managing device behavior and monitoring traffic.

During such a time of rapid evolution, CISOs must stay current on the latest threat intelligence. They also need to understand how the new technologies and network operations that their organizations are deploying to improve efficiency could also have an unexpected and lasting impact on cybersecurity. AI and automation will be invaluable tools in the fight against those who would try to target and take advantage of this new intelligent edge.

Written By

Derek Manky is chief security strategist and global vice president of threat intelligence at FortiGuard Labs. Derek formulates security strategy with more than 15 years of cyber security experience behind him. His ultimate goal to make a positive impact in the global war on cybercrime. He provides thought leadership to industry, and has presented research and strategy worldwide at premier security conferences. As a cybersecurity expert, his work includes meetings with leading political figures and key policy stakeholders, including law enforcement. He is actively involved with several global threat intelligence initiatives including NATO NICP, INTERPOL Expert Working Group, the Cyber Threat Alliance (CTA) working committee and FIRST – all in effort to shape the future of actionable threat intelligence and proactive security strategy.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join us as we delve into the transformative potential of AI, predictive ChatGPT-like tools and automation to detect and defend against cyberattacks.


As cybersecurity breaches and incidents escalate, the cyber insurance ecosystem is undergoing rapid and transformational change.


Expert Insights

Related Content

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Malware & Threats

The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...


Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.