Multi-access Edge Computing – Part 2: Security Challenges of Securing MEC

Continued from: Multi-access Edge Computing – Part 1: How does Multi-access Edge Computing work?

Multi-access edge computing (MEC) is a network architecture that provides network operators and service providers with cloud computing capabilities and an IT service environment at the edge of the network.

Like all network technologies or architectures, multi-access edge computing is not immune to threats and hazards. After all, cybersecurity is one of the fastest growing industries on the planet.

[[242833]]

The most important thing to take away from the discussion about cybersecurity is that all organizations should protect any application running on the network, regardless of the underlying infrastructure, be it edge computing architecture or otherwise.

Having said that, there are several ways to better prepare security measures for multi-access edge computing architectures, which we will discuss later.

First, let’s take a moment to understand the threats facing MEC systems.

1. What are the threats?

MEC networks or devices may present various threats and dangers, and network operators and administrators should always be aware of the dangers they face in their work. To better inform you of the risks faced by multi-access edge computing, the following is a list of the five most common or most destructive attacks that MEC architectures or devices may be vulnerable to.

1. Compromised Protocols

One of the most severe attacks that multi-access edge computing systems are susceptible to is the compromise of insecure Internet protocols. If a hacker has compromised your edge system, they will likely be able to read and modify any data or network traffic that is transmitted through connected edge devices.

Many of these protocols are insecure by default, so you should always consider what you might need to protect and what potential impact this will have on your business and network operations for protocols such as SMTP (primarily used for email) and HTTP (primarily used for insecure web browsing).

2. Man-in-the-middle attack

Speaking of protocols, they, along with certain types of security measures, can also be vulnerable to man-in-the-middle attacks, which are attacks where a hacker or malicious agent intercepts, relays, and potentially alters the communications of two or more parties who believe they are communicating directly with each other.

The DNS protocol is particularly vulnerable to this type of attack, however, other protocols, such as improperly configured encryption protocols, can also be vulnerable to man-in-the-middle attacks. Attacks such as these typically indicate that the attacker has control over one or more edge devices.

3. Fake information and logs

The situations detailed in the two scenarios above are bad enough on their own, but they lead to even bigger problems for multi-access edge computing architectures and any connected networks or devices.

Falsified information and logs can have disastrous consequences for data integrity and overall business operations. Such attacks can also be used to further strengthen the control of a system by malicious hackers, who use falsified information to bypass security measures and gain access to other vulnerable subsystems or applications.

4. Lack of strategy execution

The loss of policy enforcement capabilities, such as VPN termination, IP whitelisting, or MPLS/VLAN tagging, can also have a significant impact on system and network integrity. Ensuring these scenarios are considered before deploying an MEC system can help reduce the potential for compromise.

For those looking to invest in MEC architecture, it is important to understand and know how to counter security measures. If these measures fail, hackers could potentially break into your system and access all the data on vulnerable edge devices.

5. Data Loss

The most obvious risk of inadequate security and protection is the potential exposure of data to those who could intercept and steal it. Not only is personal and sensitive data at risk of being intercepted, but also the metadata generated by edge devices that details your business or organization’s internet usage and browsing behavior.

The services and applications you access, the identities of people connected to your network, and all the details that can be obtained through other network data such as email content and recipients can be accessed by a hacker with the resources and expertise.

2. Securing MEC

There is no doubt that securing a multi-access edge computing architecture is a challenge that is still controversial and solutions are still being developed. Since there are currently few real-world examples of fully developed multi-access edge computing deployments, it is difficult to predict how MEC architectures will affect security and its protection measures.

The four-layer approach appears to be a promising approach to MEC security. This approach breaks down the security of the MEC architecture into four different layers, including the hardware layer, the communication layer, the cloud security layer, and the management layer.

The hardware layer focuses on the security-by-design approach that OEMs take during the design of their products, making it easier to implement further protections when and where they are needed.

The communications layer will focus on how data is transmitted and how best to protect it, using custom methods for both long and short distance communications.

The Cloud Security Layer is designed to take the most sensitive, personal, or confidential data and send it to the cloud where it can be protected using the strongest encryption services available. Cloud-based authentication measures can also be used within the Cloud Security Layer.

The fourth and final layer will focus on the management and lifecycle aspects of MEC security. This includes downloading security and firmware updates to keep your system up to date.

In this final article in this series, we’ll discuss five ways that multi-access edge computing will be used in the near future.

Original link:

https://www.lanner-america.com/blog/multi-access-edge-computing-part-2-security-challenges-protecting-securing-mec/