Nearly 1 Million Misconfigured Kubernetes Instances Found Vulnerable

By

Over 900 thousand Kubernetes deployments have been found to be exposed and vulnerable across the internet.

The research firm Cyble has discovered nearly 1 million Kubernetes deployments have been found vulnerable due to misconfigurations, which could lead to the loss of sensitive data. Although the report doesn’t imply that all misconfigured instances could lead to the exposure of data, it does imply that the misconfigurations can make Kubernetes deployments vulnerable.

Even organizations like Tesla were discovered to have deployed the Kubernetes console without password protection, which lead hackers to infiltrate at least one Kubernetes pod to give them access to the Tesla Amazon S2 bucket containing sensitive data.

During their investigation, Cyble discovered the United States had the highest exposure count, followed by China and Germany. The top 3 exposed ports were 443, 10250, and 6443. And, thanks to online scanners, it has become easy for hackers to find exposed assets within Kubernetes clusters.

According to Cyble, “Misconfigurations like utilizing default container names, not having the Kubernetes Dashboard protected by a secure password, and leaving default service ports open to the public can place businesses at risk of data leakage.”

To avoid these misconfigurations, Cyble warns that companies should always keep Kubernetes updated, remove debugging tools from any/all production containers, and consistently review permissions for any individual with access to the Kubernetes API.

06/29/2022

Related content

comments powered by Disqus