Kubernetes applications are vulnerable to ransomware attacks

Sheila Zabeu -

March 24, 2022

The Kubernetes platform is rapidly being adopted in mission-critical environments around the world. According to a recent study by Veritas Technologies, 87% of organizations are expected to deploy containers in the next two to three years, with a third of the companies surveyed already using them today. Of concern is that only 33% of these organizations have tools to protect against data loss incidents, such as ransomware attacks

Kubernetes are an open-source container orchestration platform that enables the operation of elastic server structures for cloud applications. The technology was originally developed by Google and is currently maintained by the Cloud Native Computing Foundation. According to the study, 48 per cent of organizations said their containerized environments have already fallen victim to ransomware attacks. Another 89% of respondents also said that ransomware against Kubernetes is an issue for their organization today.

“Kubernetes is easy to deploy and quickly raises accessibility, flexibility, and scalability levels, so it’s no wonder so many are adopting containerization. However, because deployment is so simple, organizations can easily adapt Kubernetes, leaving aside the protection of these environments,” explains Anthony Cusimano, solution evangelist at Veritas. Suddenly, these organizations found themselves with two-thirds of their mission-critical Kubernetes environments completely unprotected against data loss. “Kubernetes technology has become the Achilles’ heel in organizations’ ransomware defense strategies,” Cusimano points out.

Currently, only 40% of organizations are securing container environments. The rest are making protection schemes more complex with standalone products to secure part or all of the Kubernetes platform. While 99% of respondents believe there are benefits to taking an integrated approach, almost half (44%) say they know little or nothing about solutions that can protect data across traditional, virtual, and Kubernetes environments.

Among the main risks associated with siloed protection solutions were more complex or time-consuming processes for restoring data after intrusions and higher costs of deploying multiple solutions. On the other hand, the most compelling reasons to adopt a single integrated data loss and ransomware attack protection were simplified restore processes and a single central hub to manage data protection.

The hope is that organizations will be able to ensure more protection for Kubernetes environments over time. For 29%, ransomware will no longer be an issue five years from now. To achieve this peace of mind, organizations expect to spend, on average, 49% more on containerized data protection in five years than they do today. In addition, 61% expect future investments in protection infrastructure to leave them “very well-prepared” against ransomware attacks on Kubernetes environments in the next five years.

The study was conducted in February 2022 covering 11 markets in the Americas (United States and Brazil), Asia Pacific and Japan (Australia, China, Japan, Singapore, and South Korea), and EMEA (France, Germany, UAE, and UK) with interviews of 1,100 IT decision-makers in organizations with more than 1,000 employees.

Warning from authorities

Despite the greater flexibility offered by Kubernetes compared to monolithic software platforms, this benefit comes at a price, which is greater care in terms of cybersecurity. Warnings from two major US security authorities – the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA). They recently released a Kubernetes Protection Guide for government agencies, but it can easily be applied to other types of organizations.

The paper lists three main sources of compromise for Kubernetes: supply chain risks that may arise in the container development or infrastructure acquisition cycle, malicious actors attempting to breach containers, and insider threats. Recommendations are presented in five categories and extensive documentation on how to implement them.

Containers market

According to a study by ResearchAndMarkets, the preferred public cloud container service is AWS, followed by Microsoft and Google. On the RedHat website, an infographic is available pointing the way with important considerations for choosing a Kubernetes platform.

The application container market is expected to register a compound annual growth rate of 29% during the period 2021 to 2026. Organizations are using containers to modernize legacy applications, optimize infrastructures, and help bring innovations to market faster by reducing release cycles.