Why containers are susceptible to ransomware and what to do about it


What are the key vulnerabilities that make containers susceptible to ransomware attacks and how can organizations effectively mitigate these weaknesses? Anthony Dutra looks at these questions.

With the demand for data being higher than ever, vulnerabilities and risks to data integrity are increasing – particularly for organizations that are refactoring their applications for Kubernetes. As attacks continue to rise exponentially, organizations need to come to terms with the fact that no application is safe from ransomware. 

Although Kubernetes and containers offer a variety of benefits, including the ability to refactor key legacy applications, organizations adopting containers often quickly realise that data protection and security are a significant operational challenge, and the security risks they pose can prove to be a stumbling block.

To protect containerized applications against ransomware and other potential security threats, those responsible for refactoring applications should address the top container security risks, both by working with native features and by seeking out the necessary integrations.

Pods open entry points for malicious actors 

Refactored containerized applications often originate from legacy code that is typically already running on bare metal servers or virtual machines. The process of refactoring is not without challenges, however, as it may require modifications to existing application elements to support containerization. This can prevent organizations from fully realising the anticipated benefits of containerization, particularly improved security, which is often cited as a key objective.

These challenges can have a significant impact on security in various ways. For instance, Pods are critical components of Kubernetes deployments, responsible for hosting containers for each application process. Each Pod is assigned its own IP address and can communicate directly with other Pods. However, the recommended practice is to use Services, which are sets of Pods accessible through a single, fixed DNS name or IP address. Many…
