It takes less than one hour to exploit vulnerable container infrastructure

2021-06-24 04:00

Aqua Security published a research revealing a continued rise in cyberattacks targeting container infrastructure and supply chains, and showing that it can now take less than one hour to exploit vulnerable container infrastructure.

"At the same time, we're also seeing that attacks are now demonstrating more sinister motives with greater potential impact. Although cryptocurrency mining is still the lowest hanging fruit and thus is more targeted, we have seen more attacks that involve delivery of malware, establishing of backdoors, and data and credentials theft."

Vulnerable container infrastructure challenges Higher levels of sophistication in attacks: Attackers have amplified their use of evasion and obfuscation techniques in order to avoid detection.

Botnets are swiftly finding and infecting new hosts as they become vulnerable: 50% of new misconfigured Docker APIs are attacked by botnets within 56 minutes of being set up.

Increased use of backdoors: 40% of attacks involved creating backdoors on the host; adversaries are dropping dedicated malware, creating new users with root privileges and creating SSH keys for remote access.

Volume of attacks continues to grow: Daily attacks grew 26% on average between the first half and second half of 2020.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/UgkkUQPgzLo/

#exploit #infrastructure