Cyble Research Labs observed over 900,000 Kubernetes exposures across the internet.
… it emphasizes the existence of seemingly simple misconfiguration practices that might make companies lucrative targets for threat actors (TAs) in the future.
Kubernetes, often known as K8s, is an open-source system for automating containerized application deployment, scaling, and administration. K8s incorporates virtual and real machines to create a uniform API interface. Developers can use the Kubernetes API to launch, scale, and manage containerized applications. Kubernetes assists with the management of containers that execute applications and ensures that there is no downtime in a production environment.
The United States, at 65%, has the highest exposure count, followed by China (14%) and Germany (9%), as shown below.
Misconfigurations are the key attack vector by which hackers are penetrating and staying resident in our systems. In fact, the Palo Alto Unit 42 security group posted that 98% of cloud identity permissions were “misconfigured and/or over-permissioned.” It is imperative that enterprises check their identities and configurations professionally, and best with a third-party tool or resource, or both.
Despite delivering billions of applications with advanced ease and manageability, a major concern with Kubernetes is its ability to maintain security standards across the board. The mantra of “with greater scale comes greater responsibility” should be called upon by security professionals to ensure that the open-source software does not provide free exposure to external parties (attackers or researchers alike). Balancing advanced security with growth is a challenge, but a critical necessity for the long-term endurability of assets.
While Kubernetes is mainly responsible for implementing software security, it is the organization’s responsibility to perform the minimum procedures (regularly update Kubernetes software, resolve misconfigurations, employ a password-protected dashboard, close default public ports, etc.). In earlier years, the responsibility of security was placed heavily on the user along with the act of “using”. However, as more incidents occur between software companies and the enterprises that they serve, the responsibility of security must be further shared.