Security experts widely agree on a prediction for Kubernetes in 2019 and beyond: As adoption increases, so will the risks – as has been the case for many enterprise technologies, such as mobile.
“The highly dynamic nature of container environments orchestrated by Kubernetes presents of number of specific security challenges that are only going to become more prominent as enterprise adoption increases,” says Gary Duan, CTO and co-founder NeuVector.
As Kubernetes’ star rises, it becomes a more interesting target for bad guys.
“The rapid rise in adoption of Kubernetes is likely to uncover gaps that previously went unnoticed on the one hand, and on the other hand gain more attention from bad actors due to a higher profile,” says Amir Jerbi, CTO at Aqua Security.
One notable such gap came to light in late 2018: CVE-2018-1002105, a privilege escalation vulnerability.
“The privilege escalation flaw makes it possible for any user to gain full administrator privileges on any compute node being run in a Kubernetes cluster,” Badani explained. “Not only can this actor steal sensitive data or inject malicious code, but they can also bring down production applications and services from within an organization’s firewall.”
OpenShift quickly released updates to address the issue, as did the underlying Kubernetes project. “This”, as Mike Bursell, Chief Security Architect at Red Hat points out, “is one of the benefits of deploying a product with both an active community and commercial support. The response to the problem was very swift, and the community is working to improve the security of the project as a whole.”
“CVE-2018-1002105 served as a warning shot to the DevOps and IT security world that unsecured Kubernetes clusters can and will be targeted and exploited,” Duan says.
Experts point to several overlapping categories of issues that deserve focus moving forward. These include:
1. Application and environment misconfigurations
A misconfiguration can mean a vulnerable container, which then potentially enables an attacker greater access within that container’s environment, as well as other potential risks.
“Application misconfigurations or vulnerabilities can leave Kubernetes containers running in pods exposed to compromise, allowing attackers to then probe the environment for further weaknesses,” Duan says. “Attackers will then seek to establish unauthorized connections between pods to disrupt applications or gain access to sensitive data.”
Misconfigurations – which in some cases may be a matter of simply not paying attention to configurations – will be a considerable source of risk as more organizations deploy containerized applications to production environments, according to Chris Roberts, an advisor at Attivo Networks.
“How many of the installations out there are still relying upon defaults? How many have weak configurations, interconnects, and/or rely upon code bases that are not well-validated, understood, or tested/supported?” Roberts asks. “Arguably, the lack of well-configured environments that are not being monitored or protected will have a huge impact on the number of vulnerabilities in 2019.”
2. Container-level issues
Whether the result of misconfiguration or other issues – including poor security hygiene in general – one vulnerable container can lead to bigger problems, as Marc Feghali, founder and VP of product management at Attivo Networks, explains.
“If attackers compromise a container, they can attempt to escalate privileges to take control of additional containers or the entire cluster,” Feghali says. “If attackers compromise a privileged container or steal credentials with privileges to manage the Kubernetes cluster, they can cause a great deal of damage by accessing the cluster and any data traffic between containers. This can lead to data theft or resource-hijacking.”