Cyber agencies unveil new guidelines to secure edge devices
Image by Doucefleur / copyright Shutterstock
Published by GCHQ’s National Cyber Security Centre (NCSC) and cyber security agencies in Australia, Canada, New Zealand and the US, the new guidance highlights an increasing number of sophisticated malicious actors targeting vulnerabilities in edge devices.
Edge devices are internet-connected devices that sit at the ‘edge’ of a network, acting as entry points for data between local networks and the wider internet. Examples include routers, smart appliances, IoT devices, sensors and cameras, which can be particularly vulnerable to hackers as they often handle important data and connect directly to external networks.
The new guidelines encourage device manufacturers to include and enable standard logging and forensic features that are robust and secure by default, so that network defenders can more easily detect malicious activity and investigate following an intrusion.
They also set out the minimum standards for forensic visibility to help network defenders in securing organisational networks, both proactively and in response to a compromise.
NCSC Technical Director Ollie Whitehouse said: “In the face of a relentless wave of intrusions involving network devices globally our new guidance sets what we collectively see as the standard required to meet the contemporary threat.
“In doing so we are giving manufacturers and their customers the tools to ensure products not only defend against cyber attacks but also provide investigative capabilities require post intrusion.
“Alongside our international partners, we are focused on nurturing a tech culture that bakes security and accountability into every device, while enabling manufacturers and their customers to detect and investigate sophisticated intrusions.”
The guidance is part of a coordinated series of complementary publications on edge device security, released today in collaboration with agencies in Australia, New Zealand, Canada and the US, with input from the NCSC.
Earlier this year, the NCSC highlighted an Ivanti advisory about a critical security vulnerability in their remote access product, which enables employees to work from home and acts as an edge device to protect against external threats.
