Rises in Cyber Security Risks in Cloud Computing
As it recently hit the middle of the 2019 year, computer security company Skybox Security issued an update to is Vulnerability and Threat Trends Report. In this report, threats, exploits, and vulnerabilities are analyzed. The main finding of the 2019 Vulnerability and Threat Trends Report is the immense growth of vulnerabilities appearing in cloud containers. Cloud containers are basically low overhead, lightweight virtual machines (VMs). They have been used as replacements for traditional VMs as cloud containers are faster and more simple. On the other hand, as deployment gets easier, security lapses tend to happen more frequently. These security hiccups include known weaknesses that get replicated and deployed all across public, private or hybrid cloud infrastructures.
Skybox Security, a Silicon Valley startup, has reported that vulnerabilities in software within cloud containers have increased by 46% in just the first half of 2019. This statistic is compared to the data reported from the previous year period, 2018. When compared between the two years ago figures, the vulnerabilities increased 240%.
It is no surprise that as cloud infrastructure technology and adoption increases, so will the vulnerabilities. The concerning part of the risks is that attackers are racing to develop exploitations. In a cloud container, events are more numerous and replications are increased. So when cyber attackers target cloud containers, the consequences are bound to be exponential. The footprint of the attack has the ability to expand quickly, creating more and more victims.
There is one specific vulnerability known as CVE-2019-5736 that allows the criminal attacker to access administrative privileges and take over the server. This vulnerability has already affected Docker and Kubernetes, Linux users and even Amazon’s AWS and Google Cloud customers.
From the report, it is found that there are 7,000 known vulnerabilities. And although that number is daunting, only around 659 of those will have an exploit created for. If you are still uneasy, you may be glad to hear that less than 1% of that will actually be used for exploitations on a large scale. The bad news is, however, is the complexity of cloud computing makes it hard to identify which of the vulnerabilities will be potentially exposed to attacks and which ones represent critical risks.
Cloud computing was thought to be the future of data technology. Now as times progress, it is only natural to have a new future. Cloud containers are looking to be the future of cloud computing, replacing the traditional VMs architecture. In the cloud container technology, software developers will be able to group their application with codes, libraries, content, anything the app needs to run. This will make it simpler and faster for users to deploy, without the need for extensive configuration.
Like many new technological advancements to the IT infrastructure, it is vital that tools are created to ensure security, continuity, and resilience. Whether you utilizing the powers of classic cloud computing or cloud containers, it is important to have a disaster recovery plan and checklist as well as backups ready to go.