DataCenterNews Asia logo
Specialist data center news for Asia
Story image

New strategies for cloud-native attacks - Aqua Security

By Zach Thompson
Mon 2 May 2022

New research from Aqua Security reveals attackers are using more sophisticated techniques to target cloud-native environments.

Through its threat research team, Nautilus, Aqua Security has published research showing that adversaries are adopting new ways to carry out attacks, utilising multiple attack components and focusing their efforts on Kubernetes and the software supply chain.

Aqua Security says the ‘2022 Cloud Native Threat Report: Tracking Software Supply Chain and Kubernetes Attacks and Techniques' offers insights into trends and crucial information for practitioners about the cloud-native threat landscape.

The research showed that adversaries are using new tactics, techniques and procedures to intentionally target cloud-native environments and that cryptominers are increasingly the most common malware threat.

Team Nautilus also found that the use of backdoors, rootkits and credential stealers has increased, indicating the adversaries' interests are greater than just cryptomining.

Backdoors allow threat actors to access systems remotely and are used to establish persistence in the compromised environment. The research showed that 54% of attacks included this strategy, compared to 45% in 2020.

Furthermore, the researchers analysed malicious container images and found that 51% of these contained worms, up from 41% in 2020.

Worms provide attackers with the means to broaden the scope of their attack without much additional effort.

Moreover, the research found threat actors also included CI/CD and Kubernetes environments as targets, and in 2021, 19% of the malicious container images analysed targeted Kubernetes, such as kubelets and API servers, an increase of 9% from the previous year.

"These findings underscore the reality that cloud native environments now represent a target for attackers, and that the techniques are always evolving," Aqua's Team Nautilus threat intelligence and data analyst lead Assaf Morag says.

"The broad attack surface of a Kubernetes cluster is attractive for threat actors, and then once they are in, they are looking for low-hanging fruit."

The report also found that the proportion and variety of observed attacks targeting Kubernetes has increased, including wider adoption of the weaponisation of Kubernetes UI tools.

Further, supply chain attacks represent 14.3% of the particular sample of images from public image libraries, showing that these attacks continue to be an effective method of attacking cloud-native environment.

The Log4j zero-day vulnerability was also immediately exploited in the wild. Team Nautilus detected multiple malicious techniques, including known malware, fileless execution, reverse shell executions, and files downloaded and executed from memory, all emphasising the need for runtime protection.

Researchers observed honeypot attacks by TeamTNT after the group announced its retirement in December 2021. However, no new tactics have been in use, so it is unclear if the group is still in operation or if the ongoing attacks originated from automated attack infrastructure. Regardless, enterprise teams should continue preventative measures against these threats.

Aqua Security says Team Nautilus utilised honeypots to investigate attacks in the wild, with images and packages from public registries and repositories examined to study supply chain attacks against cloud-native applications. These included DockerHub, NPM and Python Package Index.

In addition, Team Nautilus used Aqua Security's Dynamic Threat Analysis (DTA) offering to analyse each attack.

Aqua Security says Aqua DTA is an industry-first offering, allowing users to dynamically assess container image behaviours through a container sandbox solution to ascertain whether they have hidden malware, giving organisations the ability to recognise and mitigate attacks that stat malware scanners are unable to detect.

"The key takeaway from this report is that attackers are highly active, more than ever before, and more frequently targeting vulnerabilities in applications, open source and cloud technology," Morag says.

"Security practitioners, developers and DevOps teams must seek out security solutions that are purpose-built for cloud-native. Implementing proactive and preventative security measures will allow for stronger security and ultimately protect environments."

To ensure the security of cloud environments, Aqua Security's Team Nautilus recommends implementing runtime security measures, a layered approach to Kubernetes security and scanning in development.

Related stories
Top stories
Story image
Microsoft
Microsoft, Cloudian partnership offers data center flexibility
Cloudian’s HyperStore object storage platform is now integrated and validated to work with Microsoft SQ Server 2022, offering more flexible and scalable data centers.
Story image
Sustainability
SoftIron named global leader for efficient DC infrastructure solutions
SoftIron has been named a global leader for supplying energy-efficient data infrastructure solutions for core-to-edge data centers after an assessment by Earth Capital Ltd.
Story image
Sustainability
Aligned Data Centers increases sustainability-linked loan
Aligned Data Centers has increased its sustainability-linked loan from $375 million to $1.75 billion to speed up the next phase of its strategic growth.
Story image
Employment
Tech job moves - Forcepoint, Malwarebytes, SolarWinds & VMware
We round up all job appointments from May 13-20, 2022, in one place to keep you updated with the latest from across the tech industries.
Story image
Surveillance
Genetec launches new enclosure management system for data centers
Genetec has released a new enclosure management solution that will give data centers the ability to secure, monitor and manage access to racks and cabinets remotely.
Story image
Sustainability
AirTrunk boosts Japan presence with West Tokyo data center
AirTrunk is planning to build TOK2, a new hyperscale data center in Japan which will strengthen the company’s presence in the country.
Story image
Colocation
Digital Edge chooses Nortek’s StatePoint for new data center
Digital Edge will use Nortek's StatePoint liquid cooling technology in its new data center, the first commercial colocation operator in Asia to do so.
Story image
Sustainability
NTT launches IoT Services for Sustainability offering
"We know what actions are needed to build a more sustainable future and have a robust suite of technologies available to help deliver this impact."
Story image
Disaster Recovery
Kacific launches emergency connectivity offering, CommsBox
Kacific has announced the release of a new emergency connectivity offering designed to rapidly provide broadband service in emergency or disaster zones.
Story image
Microsoft
SAS Viya on Microsoft Azure to deliver 204% return - study
The Forrester Total Economic Impact study finds SAS Viya on Microsoft Azure brings a 204% return on investment over three years.
Story image
Data Center
Digital Edge to build South Korea's largest commercial data center
The project will be the largest commercial data center project in South Korea with total IT power of 120MW and a capital investment of more than KWR$1 trillion.
Story image
Sustainability
ABB unlocks sustainable energy upgrades for data centers
ABB says its new microgrid solutions will get data centers ready for the green revolution and use their own energy sources with a reduced carbon footprint.
Story image
Sustainability
Siemens showcases new automated solutions for data centers
Siemens has implemented new automated solutions and AI in the Baltic region's largest data center, providing insight into the future of data center management.
Story image
Infrastructure
Report - Data investment the key to better business growth
New research from Digital Realty has revealed that almost half (47%) of IT leaders globally believe their business investment in data systems and infrastructure is a key obstacle or concern.
Story image
Sisense
Data and analytics could be key to higher selling prices in APAC
Sisense's latest report has found that almost half of data professionals in APAC think customised data and analytics can create better selling prices for their products.
Story image
Storage
Energy storage demand momentum continues, says BYD
BYD has announced an expansion of its production capacities and will deliver 250,000 units of its energy storage system, BYD Battery-Box Premium.
Story image
Digital Transformation
EdgeConneX enters Indonesia, plans for data center campus
EdgeConnex has announced it is expanding its presence in Asia with the acquisition of GTN Data Center in Indonesia.
Story image
Research
New strategies for cloud-native attacks - Aqua Security
New research from Aqua Security reveals attackers are using more sophisticated techniques to target cloud-native environments.
Story image
Cloud
Colt connectivity with AWS increases services in Asia
Colt Technology Services expands cloud connectivity to AWS Direct Connect Hosted services, with speeds of up to 10 Gbps in Asia.
Story image
Databricks
Databricks grows in APAC market, expands into Korea
Databricks officially launches a local office in Seoul, Korea, building on existing partnerships with Cloocus, Megazone and the Weverse Company
Story image
SaaS
Cisco reveals new tech, intends to prevent network issues
Cisco has revealed new technology intended to mitigate costly disruptions by aiding IT teams in learning, predicting and planning.
Story image
SD-WAN
Orange moves Siemens AG’s entire operations to a SD-WAN
Orange Business Services has migrated Siemens AG's entire global operations, 1168 sites across 94 countries, to a SD-WAN
Story image
Cable
New high-performance cable in the works for Asia
A new high-performance submarine cable is being built to enhance connectivity between Hong Kong, China and Southeast Asia.
Story image
Data Center
Preventing downtime costs and damage with Distributed Infrastructure Management
Distributed Infrastructure Management (DIM) can often be a lifeline for many enterprises that work with highly critical ICT infrastructure and power sources.
Story image
Sustainability
AyalaLand and FLOW partner for data center development
AyalaLand Logistics Holdings Corp (ALLHC) and FLOW Digital Infrastructure have entered into a framework agreement to bolster the development of carrier-neutral data centers in the Philippines.
Story image
Microsoft
Microsoft unveils adaptive accessories for disability access
Microsoft is introducing an expansive Inclusive Tech Lab to give people with disabilities greater access to technology through new software features and adaptive accessories.
Story image
APAC
Odaseva expands in APAC and UK with more security features
Odaseva, a data platform for Salesforce, is establishing new headquarters in London as well as a new data center in India.
Story image
Data Center
Tier III Ready Datacenter solutions shortlisted for major awards
"These designs will accelerate data center clients' own Tier III certification, reduce the cost, and fast-track their time to market."
Story image
Data Center
CBRE finds record levels of investment in APAC data centers
CBRE's new report finds direct investment in the sector more than doubled in 2021, surpassing investment volumes for the past four years combined
Story image
Hyperscale
SpaceDC partners with Aofei for data center sales in Asia
SpaceDC has partnered with Aofei Data International to sell Aofei's data centers, CDN and SDN in China.
Story image
Sustainability
Legrand unveils Nexpand, a data center cabinet platform
Legrand has unveiled a new data center cabinet platform, Nexpand, to offer the necessary scalability and future-proof architecture for digital transformation.
Story image
Digital Transformation
The Huawei APAC conference kicks off with digital transformation
More than 1500 people from across APAC have gathered for the Huawei APAC Digital Innovation Congress to explore the future of digital innovation.
Story image
Cybersecurity
The 'A-B-C' of effective application security
Software applications have been a key tool for businesses for decades, but the way they are designed and operated has changed during the past few years.
Story image
Talend
Talend introduces new data health solutions for businesses
Talend has announced its latest version of Talend Data Fabric, with the release of Talend Trust Score enabling data teams to establish a foundation for data health.
Story image
Telstra
Telstra expands business offerings in the Philippines
The expansion aims to offer more choice for customers and enhance connectivity into the Philippines, and within the country.
Story image
Sustainability
Intel unveils new investments for data center sustainability
Intel has announced two new investments, continuing its efforts to create more sustainable data center technology.
Story image
Digital Transformation
Multiplex, NEXTDC making strong progress on S3 data centre
Multiplex has made a significant achievement on Stage 1 of NEXTDC’s S3 data centre, ‘topping out’ the structure in the Artarmon on Sydney’s lower North Shore.
Story image
Akamai
Akamai announces new products across security, computing
Akamai has announced a series of new products and updates to existing products across its security and compute product lines, including its entry into the infrastructure as a service (IaaS) market.
Story image
Sustainability
Daikin and SP Group to build new energy efficient district cooling system
The project, set to be complete by 2025, will create a system with a cooling capacity of up to 36,000 refrigerant tonnes (RT). 
Story image
Sustainability
YTL unveils development of solar-powered data center campus
YTL Power (YTL) has announced the development of a 500MW data center campus in Johor, the first data center park in Malaysia to be powered by solar energy.
Exabeam
Find out how a behavioural analytics-driven approach can transform security operations with the new Exabeam commissioned Forrester study.
Link image
Story image
Power / Energy
DigitalBridge makes $30 million equity investment in LEDC
Leading Edge Data Centres (LEDC) has announced it has secured an AUD$30 million equity investment in its regional edge network from an affiliate of DigitalBridge Group, DigitalBridge.
Story image
NVIDIA
NVIDIA announces a spate of new innovations at Computex 2022
NVIDIA has announced its latest innovations in data center, robotics, content creation, and gaming in a virtual keynote address on the opening day of Computex 2022 in Taipei.
Story image
Tech Data
Tech Data to use Pluribus Networks’ cloud solutions in APAC
Tech Data says using Pluribus Networks' Unified Cloud Fabric solution will be a "game-changer" for its data center infrastructure customers and partners.