wonderfully unique software solutions

Opswat says Docker images can be rising threat vector

Cybercriminals may increasingly target the increased popularity of Docker images and containerisation to attack businesses and organisations, according to cybersecurity vendor Opswat.

Vinh Lam, senior software architect at the critical-infrastructure focused company, said that container infrastructures represent an expanding surface for supply chain attacks and similar malware threats.

“Micro-services and containers have seen tremendous growth. Thanks to its lightweight and fast-to-deploy nature, container technology will only continue to expand in the future. However, containers also house outdated and vulnerable software more often than not,” Lam said in a blog post.

Malicious actors and cyber criminals have used auto-build platforms to create campaigns that attack critical infrastructures. Malware can exist in source code and build artifacts, which means that IT teams must look to secure their software build pipelines in line with emerging threat patterns.

“An analysis of four million public images on Docker Hub revealed the out-of-sight risks in containers,” wrote Lam.

“Half of these images (51%) contained at least one critical vulnerability and 13% had high-severity vulnerabilities. Some 6,400 images were considered malicious as they contain cryptocurrency miners, malicious Node Package Manager (NPM) packages, hacking tools, and malware.”

Attackers have also used Docker images for crypto-mining, pointing to five malicious images that were pulled more than 120,000 times in 2021. According to Lam, the campaign involved typo-squatting, for example by using misspelled or misleading Docker Hub titles to trick victims.

The Docker containerisation platform is used by around seven million people.

Lam said teams can secure their software build pipelines using products such as Opswat’s MetaDefender for Jenkins to detect malware and vulnerabilities in Docker images.

“The best approach to avoiding accidental pulls of illegitimate images is to adopt the zero-trust security model. All files must be assumed as potential risks and thoroughly scanned,” Lam said.

Read the full blog on the Opswat website.

( Image by Alexander Fox | PlaNet Fox from Pixabay )

Recent Articles

Octopus Deploy follows Codefresh buy with 2024.1 Server

Continuous delivery (CD) pipeline platform vendor Octopus Deploy has acquired fellow development software specialist Codefresh and rolled out a new version of...

Top-25 cloud list runs gamut from Visma to Cloudflare, Wasabi to Azul

The Software Report market insights website has named 25 software companies as the top companies in cloud computing for 2024, offering specific...

TeamViewer partners Deloitte on digital visuals for warehouse logistics

Deloitte and TeamViewer have combined the latter's augmented reality (AR) based visual picking offering with SAP Extended Warehouse Management (EWM) for warehousing...

Hornetsecurity expands M365 cloud security offer with Vade deal

Cloud email security provider Hornetsecurity has added a partnership with Vade, increasing focus on answering data sovereignty requirements with best-in-class cloud, compliance...

Cross-browser testing provider BrowserStack named Microsoft ‘partner of choice’

Software testing platform provider BrowserStack has announced a strategic partnership with Microsoft to support Visual Studio App Center users transitioning to BrowserStack...

Related Stories

Leave A Reply

Please enter your comment!
Please enter your name here

Weirdware monthly - Get the latest news in your inbox