50% of misconfigured containers hit by botnets in under an hour
Aqua Security on Monday reported that data it collected from honeypots protecting containers over a six-month period revealed that 50% of misconfigured Docker APIs are attacked by botnets within 56 minutes of being set up.
According to the research, it takes five hours on average for the adversaries’ bots to scan a new honeypot. The fastest scan occurred after a few minutes, while the longest gap was 24 hours.
Assaf Morag, lead data analyst with Aqua’s Team Nautilus, said this discovery underscores the significance of detecting and fixing cloud misconfigurations promptly or preventing them from occurring before app deployment. Morag said security pros need to understand that the slightest misconfiguration might expose their containers and Kubernetes clusters to a cyberattack.