The NSA and the US Cybersecurity and Infrastructure Security Agency have published a 59-page guide to hardening Kubernetes clusters.
Originally developed by Google engineers as part of the Cloud Native Computing Foundation, Kubernetes is currently one of the most popular container orchestration platforms. Kubernetes allows sysadmins to easily deploy new IT resources using software containers. The software is mostly used in cloud infrastructure.
Because the Kubernetes and Docker model is so different from traditional monolithic software platforms, many sysadmins struggle to configure Kubernetes with security in mind.
Over the past few years, a number of crypto mining botnets have attacked Kubernetes installations with insecure configuration settings. Attackers scanned the Internet for Kubernetes management functions exposed online without authentication, or for applications running on large clusters (such as Argo Workflows and Kubeflow), then accessed the exposed endpoints and deployed cryptocurrency mining software to the victims' cloud infrastructure.
The attacks were rare when they began in early 2017 but have since turned into a real avalanche: several cybercriminal groups can fight over the same cluster at the same time.
In addition to basic instructions for setting up a configuration, the guide also outlines basic measures to prevent and mitigate damage from Kubernetes hacks.