Security News > 2022 > May > Deep Dive: Protecting Against Container Threats in the Cloud

"Kubernetes attacks are actually quite common, especially given how popular the container orchestration software is," said Trevor Morgan, product manager at comforte AG. "The array of threats to Kubernetes environments is quite broad.".

As an example of how popular targeting vulnerable cloud infrastructure has become, Akamai security researcher Larry Cashdollar recently set up a simple Docker container honeypot, just to see what kind of notice it might attract from the wider web's cadre of cyberattackers.

The attacks were varied in terms of their goals: One campaign tried to use the container as a proxy to tap into Twitch streams or access other services, another attempted a botnet infection, another performed cryptomining, and the last effort involved running a work-from-home scam.

As these examples show, "Profit is still the primary motivation for cybercriminals targeting containers," explained Mark Nunnikhoven, distinguished cloud strategist at Lacework.

Adversaries could exploit it by building dedicated container images designed to steal the host's token when they were pulled into a project.

"Learn from reported breaches and other incidents. They are not just situations that happen to other companies - your business right now may be sustaining an attack somewhere, perhaps on your container environment. Assume that that's the case and act accordingly to audit, assess and bolster your defensive posture. The fallout is much more expensive and certainly is damaging to your organization as a whole."

News URL

https://threatpost.com/container_threats_cloud_defend/179452/