    Lacework Study Finds 300 Unsecured Container Orchestration Dashboards

      By Sean Michael Kerner - June 18, 2018

      Container orchestration systems, including Kubernetes, are increasingly being deployed in the cloud, but not all those deployments are being done in a secure manner, according to a new report from Lacework, set to be released on June 19, 

      Lacework conducted an analysis of cloud-hosted container orchestration deployments and discovered 21,169 publicly facing container orchestration platforms. Of these, 300 deployments were found to have open administrative dashboards without any required access credentials.

      “We used Shodan and our own crawler and port scanning in order to discover and fingerprint servers and then discover ones that were truly open versus authenticated,” Dan Hubbard, Chief Security Architect, told eWEEK.

      Shodan.io is a popular search service for discovering internet connected resources. Lacework, founded in 2015, is in the business of cyber-security visibility. The company’s Polygraph platform provides security visibility into potential misconfigurations, threats and breaches inside of application infrastructure residing in data centers or in the cloud.

      The issue of open container orchestration dashboards is not a new one and was also highlighted by security firm RedLock in a February 2018 report. RedLock found that electric automobile vendor Tesla had left its Kubernetes cluster open without any credentials, and that it was being used by fraudsters to mine crypto-currency. More recently, security firm Kromtech reported on June 8 that a Kubernetes cluster operated by Weight Watchers was left open without authentication.

      Kubernetes wasn’t the only container orchestration system discovered by Lacework, but it was the most broadly deployed. Kubernetes represented 76 percent of the container orchestrators discovered in the cloud by Lacework, while 19 percent of clusters were running Docker Swarm.

      AWS Hosts Most Discoverable Dashboards

      Lacework’s analysis found that 95 percent of the discoverable container orchestration system dashboards were hosted on Amazon Web Services (AWS). Lacework conducted its scanning during the first week of June, which coincidentally is also the week that Amazon made its managed Elastic Container Service for Kubernetes (EKS) service generally available. Kubernetes can be deployed by organizations on their own in AWS, or they can now choose to run EKS. For the Kubernetes clusters found with open dashboards on AWS, Hubbard said that they were installations outside of Amazon’s EKS managed service.

      “EKS deploys with a secure dashboard and management plane by default and I’m pretty sure you cannot edit that unless you run your own management,” Hubbard said.

      While discovering 300 entirely open container orchestration system dashboards is not a good thing, Hubbard agreed that it's safe to say that a large percentage of deployed container orchestration platforms are not open.

      “This of course is only one aspect of security so hard to say if they are secure,” Hubbard said. “Also an important note, we did not perform any brute force password or dictionary attacks so we cannot comment on how secure the authentication process is.”

      The Lacework report observed that the cluster orchestration system dashboards that were open to discovery on the internet could potentially disclose information that might be useful to attackers.

      “Within most discovered systems, the company name could be derived from certificates and hostnames even without access,” the report states. “These organizations, and the others who will replicate their mistakes, are opening themselves up to brute force password and dictionary attacks.”

      Best Practices

      Looking specifically at Kubernetes, Hubbard recommended organizations take the following measures to improve security:

      • Configure Kubernetes pods to run read-only file systems 
      • Restrict privilege escalation in Kubernetes
      • Build a pod security policy
      • Run Role Based Access Control (RBAC)

      Overall, Hubbard suggests that organizations understand their inventory of applications in public clouds and perform continual audit and configuration scanning with compliance checks, both for workloads and for security zone policies.
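      The four measures above, together with the advice to audit configurations continually, translate into checks a team can run over its own manifests. The following is an added example written for this article, not Lacework's or the Kubernetes project's own code; the sample manifests, the names in them and the `audit_pod`/`audit_bindings` helpers are all constructed here, in the dict shape that `kubectl get ... -o json` returns, so the checks run offline:

```python
"""Audit Kubernetes manifests against the hardening measures listed in the
article: read-only root filesystems, no privilege escalation, and RBAC that
does not hand control to anonymous callers.  Added example; not Lacework's or
the Kubernetes project's own code.  All manifests below are constructed samples."""

# Identities that mean "anyone", including callers with no credentials at all.
# Binding a powerful role to these is one way a dashboard ends up usable
# without a login.
ANONYMOUS_SUBJECTS = {"system:anonymous", "system:unauthenticated"}
ADMIN_ROLES = {"cluster-admin"}


def audit_pod(pod):
    """Return findings for one pod manifest; an empty list means it passes."""
    findings = []
    name = pod.get("metadata", {}).get("name", "<unnamed>")
    spec = pod.get("spec", {})
    containers = spec.get("containers", []) + spec.get("initContainers", [])
    for c in containers:
        sc = c.get("securityContext") or {}
        where = f"{name}/{c.get('name', '<unnamed>')}"
        # Read-only root filesystem: the field defaults to false when omitted,
        # so only an explicit true passes.
        if sc.get("readOnlyRootFilesystem") is not True:
            findings.append(f"{where}: readOnlyRootFilesystem is not true")
        # Privilege escalation: omitted means allowed, so require an explicit false.
        if sc.get("allowPrivilegeEscalation") is not False:
            findings.append(f"{where}: allowPrivilegeEscalation is not false")
        # privileged: true grants host-level access and implies escalation is allowed.
        if sc.get("privileged") is True:
            findings.append(f"{where}: container is privileged")
    return findings


def audit_bindings(bindings):
    """Flag (Cluster)RoleBindings that grant an admin role to anonymous or
    unauthenticated subjects."""
    findings = []
    for b in bindings:
        role = b.get("roleRef", {}).get("name")
        if role not in ADMIN_ROLES:
            continue
        for s in b.get("subjects", []):
            if s.get("name") in ANONYMOUS_SUBJECTS:
                bname = b.get("metadata", {}).get("name", "<unnamed>")
                findings.append(f"{bname}: binds {role} to {s['name']}")
    return findings


# Constructed sample: a pod with no securityContext at all (every default kept).
WEAK_POD = {
    "metadata": {"name": "web-weak"},
    "spec": {"containers": [{"name": "app", "image": "example/app:1.0"}]},
}

# Constructed sample: the same pod with the recommended settings applied.
HARDENED_POD = {
    "metadata": {"name": "web-hardened"},
    "spec": {
        "containers": [{
            "name": "app",
            "image": "example/app:1.0",
            "securityContext": {
                "readOnlyRootFilesystem": True,
                "allowPrivilegeEscalation": False,
                "privileged": False,
            },
        }],
    },
}

# Constructed sample: a binding that makes the API server, and any dashboard
# that talks to it, fully usable without credentials.
OPEN_BINDING = {
    "metadata": {"name": "anyone-is-admin"},
    "roleRef": {"kind": "ClusterRole", "name": "cluster-admin"},
    "subjects": [{"kind": "Group", "name": "system:unauthenticated"}],
}

if __name__ == "__main__":
    for pod in (WEAK_POD, HARDENED_POD):
        print(pod["metadata"]["name"], audit_pod(pod) or "OK")
    print(audit_bindings([OPEN_BINDING]) or "RBAC OK")
```

      The pod-level checks are the settings a pod security policy would enforce cluster-wide at admission time; running them over exported manifests is the kind of continual configuration audit Hubbard describes, and the binding check covers the RBAC measure from the side that matters most for an exposed dashboard: whether an unauthenticated identity has been given administrative rights.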

      Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.
