Containers offer many advantages for management, deployment, and efficient development of applications. Like any technology, however, they are subject to attack from malicious actors, and require diligent security. Vulnerabilities can appear in the container images themselves, in the registry where they are stored, or in the orchestration and deployment of the images. Let’s take a look.
Image Vulnerabilities & Countermeasures
As the worldwide fallout of the WannaCry ransomware virus continues and the blame game starts, the worldwide attack underscores the need for basic security hygiene, updating of operating systems, and regular patching writes DLT Chief Cybersecurity Technologist, Don Maclean.
On May 12 a ransomware virus, WannaCry, was released on the Internet and rapidly spread to hundreds of thousands of Microsoft Windows based computers in over 150 countries. The malware encrypts critical files on a computer, such as Excel, Word, and other important files, and seeks out backup copies for encryption as well. Once it infects a system, it requires the victim to pay approximately $300 in digital currency (Bitcoin), and immediately tries to find other systems to infect.
The concepts of threat hunting and threat intelligence went mainstream in 2016 bringing with it a whole new paradigm to threat mitigation and cybersecurity. But what is threat hunting and what use cases does it serve?