Security News > 2021 > June > Attacks Against Container Infrastructures Increasing, Including Supply Chain Attacks
Attacks against the container infrastructure are continuing to increase in both frequency and sophistication.
The attacks are becoming more evasive, while the supply chain is now targeted.
Aqua Security's Team Nautilus has analyzed 17,358 attacks against its honeypots between June 2019 and December 2020.
Until recently, most attacks would use a dedicated malicious image that could potentially be detected by anti-malware security, or a benign image running malicious scripts at the entry point, which would need a dynamic scanner able to detect files written to disk during runtime.
"At the same time, we're also seeing that attacks are now demonstrating more sinister motives with greater potential impact. Although cryptocurrency mining is still the lowest hanging fruit and thus is more targeted, we have seen more attacks that involve delivery of malware, establishing of backdoors, and data and credentials theft."
The biggest takeaways from the research are that the volume of attacks is increasing; and that these teams are adapting and updating their techniques at a faster rate - creating a more rapid cat-and-mouse game for container defenders.
News URL
Related news
- Revival Hijack supply-chain attack threatens 22,000 PyPI packages (source)
- Russian military hackers linked to critical infrastructure attacks (source)
- Australian Police conducted supply chain attack on criminal collaborationware (source)
- Israel’s Pager Attacks and Supply Chain Vulnerabilities (source)