Connect with us

TECHNOLOGY

Evolution of cybercriminals’ attacks on cloud native environments revealed

Published

on

A graphic of a padlock.


Attackers are finding new ways to target cloud native environments, according to Nautilus, the threat research team of cloud native security provider, Aqua Security.

The team’s latest research shows that adversaries are adopting more sophisticated techniques, leveraging multiple attack components, and shifting attention to Kubernetes and the software supply chain. The “2022 Cloud Native Threat Report: Tracking Software Supply Chain and Kubernetes Attacks and Techniques” provides insight on trends and key takeaways for practitioners about the cloud native threat landscape.

The study revealed that adversaries are engaging with new tactics, techniques and procedures (TTPs) to specifically target cloud native environments. While cryptominers were the most common malware observed, with increasing frequency, Team Nautilus discovered an increased usage of backdoors, rootkits, and credential stealers — signs that intruders have more than cryptomining in their plans. Backdoors, which permit a threat actor to access a system remotely and are used to establish persistence in the compromised environment, were encountered in 54% of attacks (up 9% compared with in 2020). Additionally, half of the malicious container images (51%) analyzed by researchers contained worms, which allow attackers to increase the scope of their attack with minimal effort (up 10% compared with 2020).

Notably, threat actors also broadened their targets to include CI/CD and Kubernetes environments. In 2021, 19% of the malicious container images analyzed targeted Kubernetes, including kubelets and API servers, up 9% compared with the previous year.

Assaf Morag, Threat Intelligence and Data Analyst Lead, Aqua’s Team Nautilus, said: “These findings underscore the reality that cloud native environments now represent a target for attackers, and that the techniques are always evolving.

“The broad attack surface of a Kubernetes cluster is attractive for threat actors, and then once they are in, they are looking for low-hanging fruit.”

Other key findings:

Advertisement

The proportion and variety of observed attacks targeting Kubernetes has increased, and this includes a wider adoption of the weaponization of Kubernetes UI tools.
– Supply chain attacks represent 14.3% of the particular sample of images from public image libraries, showing that these attacks continue to be an effective method of attacking cloud native environments.
– The Log4j zero-day vulnerability was immediately exploited in the wild. Team Nautilus detected multiple malicious techniques, including known malware, fileless execution, reverse shell executions, and files that were downloaded and executed from memory – all emphasizing the need for runtime protection
– Researchers observed honeypot attacks by TeamTNT after the group announced its retirement in December 2021. However, no new tactics have been in use, so it is unclear if the group is still in operation or if the ongoing attacks originated from automated attack infrastructure. Regardless, enterprise teams should continue preventative measures against these threats.

Aqua’s Team Nautilus made extensive use of honeypots to investigate attacks in the wild, and to investigate supply-chain attacks against cloud native applications, the team examined images and packages from public registries and repositories, such as DockerHub, NPM and Python Package Index. Team Nautilus utilised Aqua’s Dynamic Threat Analysis (DTA) product to analyse each attack. Aqua DTA is the industry’s first container sandbox solution that dynamically assesses container image behaviours to determine whether they harbour hidden malware. This enables organizations to identify and mitigate attacks that static malware scanners cannot detect.

“The key takeaway from this report is that attackers are highly active — more than ever before — and more frequently targeting vulnerabilities in applications, open source and cloud technology,” said Morag. “Security practitioners, developers and devops teams must seek out security solutions that are purpose-built for cloud native. Implementing proactive and preventative security measures will allow for stronger security and ultimately protect environments.”

To ensure cloud environments are secure, Aqua’s Team Nautilus recommends implementing runtime security measures, a layered approach to Kubernetes security, and scanning in development.

Tags: ,



Source link

Advertisement

TECHNOLOGY

Changing Tides at NAMIC

Published

on

Changing Tides at NAMIC


What a hot and lively week in Dallas! 98F and a huge crowd at the 127th National Association of Mutual Insurance Companies (NAMIC).

Over 1000 senior insurance executives, board members, and service partners, represented 400+ property and casualty insurance and related companies. NAIC officers discussed the insurance trends, regulatory challenges, and barriers to competitive markets. 45 speakers held economy power sessions and education sessions sharing thought leadership on the biggest industry challenges and opportunities. 

I had the honor to address the hottest topic – “The Future of Work” – at NAMIC. My session began with a live poll on the top 3 most common reasons given for employees quitting jobs. Here are the most voted reasons among the 181 votes: Lack of workplace flexibility, inadequate compensation, unmeaningful work, and lack of career development.

Here are the results in percentages:

results_in_percentages_tech.png

 

In 2021, 47 million Americans quit their jobs and entered the era of the great resignation. Since January of 2022, over 4 million Americans quit each month. To understand why, McKinsey surveyed 13000 employees in 6 countries from April 21 to April 22. The top reasons for people quitting jobs were lack of career development/advancement, inadequate compensation, uninspiring leaders, and lack of meaningful work. Below is a chart with more details.

Below_is_a_chart_with_more_details.png

The live audience poll and McKinsey’s survey both ranked meaningful work, career growth, and compensation as top reasons for quitting, followed by uninspiring leadership and lack of workforce flexibility.

Advertisement

Moreover, the future workforce demographic is changing from baby boomers to millennials and Gen Z. According to Pew Research, by 2050, 75% of the workforce is expected to be made up of millennials. 44% of millennials say they are more likely to be engaged when their managers hold regular meetings with them. Currently, only 21% meet with their manager on a weekly basis. Gen Z has surpassed millennials as the largest generation, making up 12% of the workforce. 22% of Gen Zs currently have at least one immigrant parent. By 2026, Gen Z will become the largest non-white generation. For Gen Z, community, diversity, and inclusion as well as their sense of passion and purpose hold utmost importance.

My speech covered three main topics: talent management including upskilling, transitioning to a hybrid environment, and outlook for the next 10 years. Registered attendees can get access to the recording through the end of 2022.

During the Q&A, the youngest attendee urged us to look around and notice that there were not enough young people at NAMIC. He called out the importance of understanding the younger generation and giving them more opportunities to network with decision makers at events like NAMIC. That perfectly summed up my presentation. Though NAMIC has certainly evolved with more women representation (15 this year out of 45 speakers and a few CEOs), there is still a need for more diversity in demographic and thought.

I was delighted to reconnect with former colleges, a few CEOs and board members of the mutual insurance companies at NAMIC. My favourite part of NAMIC is that it always feels like a family fair. It is a place we can share best practices and support each other even though our businesses may compete. Where else can you find such an ecosystem?



Source link

Continue Reading

DON'T MISS ANY IMPORTANT NEWS!
Subscribe To our Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

Trending

en_USEnglish