Five Eyes shares fresh guidance for network edge device security

News
By
published

Edge devices are attractive targets - here’s how to stay safe

A Wi-Fi router placed on a desk with cables going in. A hand is holding a padlock on top of the router.
(Image credit: Shutterstock / Gleb Usovich)
  • New guidance from the Five Eyes Alliance outlines edge device expectations
  • Cybersecurity agencies from the UK, Canada, and Australia and more publish recommendations
  • The guidance is primarily for edge device manufacturers

The Five Eyes Alliance, a group of cybersecurity agencies from the UK, Australia, Canada, New Zealand, and the US, have come together to issue cybersecurity guidance for device manufacturers.

With critical infrastructure sustaining 13 cyberattacks per second in recent years, mitigating the effects of compromises is a priority at every stage.

The new recommendations are for manufacturers of network edge devices and appliances such as routers, firewalls, virtual private network (VPN) gateways, Internet of Things (IoT) devices and more.

Manufactured vulnerabilities

The aim of the advice is to help network defenders ‘secure organisational networks both before and after a compromise’ and to set expectations for the minimum requirements for forensic visibility. This will enable network defenders to more easily detect and investigate malicious activity.

The four sets of published requirements include the UK NCSC’s digital forensics guidance, Canada’s CCCS edge device security considerations, and from the Australian ACSC, both mitigation strategies and practitioner guidance.

Threat actors have been known to exploit flaws in edge devices to gain access to networks - so securing these devices will be crucial in the fight against cybercrime.

Edge devices usually have public IP addresses that can be reached from anywhere, and are particularly vulnerable to hackers because they handle important information and connect to external networks directly.

Included in the guidance are logging requirements, setting out the minimum expectations for threat detection and detailed event recording, and forensic data acquisition requirements, like volatile data collection to help facilitate automatic analysis and helping human investigators detect anomalous events.

“Device manufacturers are encouraged to include and enable standard logging and forensic features that are robust and secure by default, so that network defenders can more easily detect malicious activity and investigate following an intrusion,” said the UK’s National Cyber Security Centre.

You might also like

Ellen Jennings-Trace
Ellen Jennings-Trace
Staff Writer

Ellen has been writing for almost four years, with a focus on post-COVID policy whilst studying for BA Politics and International Relations at the University of Cardiff, followed by an MA in Political Communication. Before joining TechRadar Pro as a Junior Writer, she worked for Future Publishing’s MVC content team, working with merchants and retailers to upload content.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.

Read more
5G
Securing 5G edge network – what companies should know before stepping on the edge of tech
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Hardware supply chain threats can undermine your endpoint infrastructure
A digital representation of a lock
Exploits on the rise: How defenders can combat sophisticated threat actors
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
IoT’s botnet problem is up 500% – three things admins must do now
AI security shield
The US wants security requirements as standard to stop sensitive data from falling into enemy hands
Abstract image of cyber security in action.
It’s time to catch up with cyber attackers
Latest in Security
Woman shocked by online scam, holding her credit card outside
Cybercriminals used vendor backdoor to steal almost $600,000 of Taylor Swift tickets
Woman using iMessage on iPhone
UK government guidelines remove encryption advice following Apple backdoor spat
Cryptocurrencies
Ransomware’s favorite Russian crypto exchange seized by law enforcement
Wordpress brand logo on computer screen. Man typing on the keyboard.
Thousands of WordPress sites targeted with malicious plugin backdoor attacks
HTTPS in a browser address bar
Malicious "polymorphic" Chrome extensions can mimic other tools to trick victims
ransomware avast
Hackers spotted using unsecured webcam to launch cyberattack
Latest in News
MacBook Air mute key
The new M4 MacBook Air finally fixes an Apple keyboard annoyance that's been around for decades
A collage of Ellie and Joel in The Last of Us season 2
The Last of Us season 2's new trailer teases a huge showdown between Bella Ramsey's Ellie and Pedro Pascal's Joel, but the big moment I'm waiting for is still being held back
Apple iPhone 16 Pro Max REVIEW
New iPhone 17 Air leak may have revealed some key specs – and how it compares to the iPhone 17 Pro Max
Gaming with AI
I asked Gemini to play a text-based adventure game with me and the AI whisked me away to a word-based fantasy
Apple iPhone 16 Review
Three iPhone 17 model dummy units appear in a hands-on video leak
The Samsung Galaxy S25 Edge on display the January 22, 2025 Galaxy Unpacked event.
New Samsung Galaxy S25 Edge may have revealed some key details – including its price
More about security
Woman shocked by online scam, holding her credit card outside

Cybercriminals used vendor backdoor to steal almost $600,000 of Taylor Swift tickets
Cryptocurrencies

Ransomware’s favorite Russian crypto exchange seized by law enforcement
70mai 360 Omni 4K Dash Cam

I've reviewed dozens of dash cams, and 70mai's new rotating 4K dash cam is unlike any other
See more latest
Most Popular
International Space Station
Is the moon too far for your data? IBM's Red Hat is teaming up with Axiom Space to send a data center into space
Samsung NAND
Well, that's unexpected: Samsung will team up with its fiercest Chinese rival to produce next gen NAND flash
MacBook Air mute key
The new M4 MacBook Air finally fixes an Apple keyboard annoyance that's been around for decades
Gaming with AI
I asked Gemini to play a text-based adventure game with me and the AI whisked me away to a word-based fantasy
A collage of Ellie and Joel in The Last of Us season 2
The Last of Us season 2's new trailer teases a huge showdown between Bella Ramsey's Ellie and Pedro Pascal's Joel, but the big moment I'm waiting for is still being held back
Molecular hard drive
Chinese researchers are looking to create a revolutionary type of hard drive based on organic materials but huge unknowns remain
Quordle on a smartphone held in a hand
Quordle hints and answers for Monday, March 10 (game #1141)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Monday, March 10 (game #372)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Monday, March 10 (game #638)
Apple iPhone 16 Pro Max REVIEW
New iPhone 17 Air leak may have revealed some key specs – and how it compares to the iPhone 17 Pro Max