Hundreds of thousands of endpoints (opens in new tab) running Kubernetes API have been exposed to the internet, and so could potentially be vulnerable to virus deployment and other cyberattacks, new research has found.
A report from nonprofit organization The Shadowserver Foundation recently scanned a total of 454,729 systems hosting the container orchestration system, and found 84% to be accessible via the internet, at least to some degree. That’s a total of 381,654 systems.
While being exposed to the internet does not automatically mean compromised, it is the first, and most important step, toward a data breach. What’s more all of these are most likely the result of misconfigurations, rather than intent.
Implementing authentication
After all, a recent security report found that most people using Kubernetes don’t know exactly what they’re doing.
“While this does not mean that these instances are fully open or vulnerable to an attack, it is likely that this level of access was not intended and these instances are an unnecessarily exposed attack surface,” Shadowserver says in the blog post. “They also allow for information leakage on version and build.”
Of all the accessible instances, 201,348 (53%) were located in the United States, the organization stated. It stressed that companies with internet-accessible Kubernetes API servers should implement some form of access authorization, or block access at the firewall (opens in new tab), to prevent possible data breaches and cyberattacks.
Kubernetes is a ten-year-old Google product for container management, both on-prem and in the public cloud, maintained by the Cloud Native Computing Foundation.
Commercial versions are sold by multiple software companies. Amazon, Google, IBM, Microsoft, Oracle, Red Hat, SUSE, Platform9, and VMware, all offer Kubernetes-based platforms or infrastructure as a service (IaaS) that deploy Kubernetes.
It is extremely popular, being used by most companies worldwide, according to market analysts Statista.
English
Arabic
Belarusian
Bengali
Bosnian
Bulgarian
Chinese (Simplified)
Croatian
Czech
Danish
Dutch
Estonian
Filipino
Finnish
French
Georgian
German
Greek
Gujarati
Hausa
Hebrew
Hindi
Hmong
Hungarian
Igbo
Indonesian
Italian
Japanese
Javanese
Kazakh
Korean
Kurdish (Kurmanji)
Kyrgyz
Lao
Latvian
Lithuanian
Macedonian
Malagasy
Norwegian
Persian
Polish
Portuguese
Punjabi
Romanian
Russian
Serbian
Slovak
Slovenian
Spanish
Swedish
Thai
Turkish
Ukrainian
Vietnamese
Yoruba