Kubernetes logo.
Image: Getty Images/iStockphoto/123dartist

New research from Veritas Technologies detailing the inherent security risks associated with Kubernetes has been published, and some of the findings are concerning for those employing the containerized system. Veritas found that Kubernetes environments face a number of cyberdefense liabilities and that organizations are underprepared to account for these potential threats.

“Kubernetes is easy for organizations to deploy, and quickly improves affordability, flexibility and scalability—it’s no wonder so many are embracing containerization,” said Anthony Cusimano, solutions evangelist at Veritas. “But because deployment is so simple, organizations can easily surge ahead faster with their Kubernetes implementation than their Kubernetes protection. Suddenly, they’ve found themselves with two-thirds of their mission-critical Kubernetes environments completely unprotected from data loss. Kubernetes has become the Achilles heel in organizations’ ransomware defense strategies.”

SEE: Kubernetes security guide (free PDF) (TechRepublic)

With responses from over 1,000 IT professionals, the study found that enterprises using the open source container orchestration system are suffering from the volume of incoming cyberattacks. Of those who responded, 89% said ransomware attacks are an issue for their businesses, and 48% that have already utilized Kubernetes have experienced a ransomware attack.

One of the key issues highlighted by Veritas in the research showed that organizations are deficient in spreading their existing data protection from their traditional workloads out across their containerized environments. Failing to cover these environments introduces the chance for severe data losses, along with a lengthy data restoration process in the event of a cyberattack. The study found that just 40% of businesses are following the correct protocols of spreading the data protection to these new environments, signaling a potential issue for organizations down the road.

On the positive side, a fair contingent of those who responded said they expect to have the necessary cybersecurity protections ready in the near future. Nearly 30% of those surveyed noted they did not expect ransomware to be a problem in five years’ time, signaling an upgrade in the protection of containerized data coming soon.

These findings work in tandem with organizations estimating they will spend almost 50% more time in these containerized environments by 2027. A whopping 61% of those organizations also expect that future data containment efforts will be properly prepared for the cyberattacks of the future, as the investments made toward cyberdefense are expected to have these businesses adapted to the security challenges.

Cusimano says that while it is positive that the environments will be adequately protected in five years’ time, that’s a long span when it comes to data protection.

“It’s clear that organizations around the world understand the value of protecting the mission-critical data they’re using in their Kubernetes environments. And it’s great that it seems they’ll eventually get the protection that they need,” Cusimano said. “However, if a week is a long time in politics, five years is a very long time in data protection, and we expect to see more and more ransomware variants emerge over that time that target Kubernetes and take advantage of this Achilles heel. Too many organizations are missing the simple solution to extend their current data protection platforms to their Kubernetes environments today, leaving them in an unenviable vulnerable position.”