Today Skybox Security announced, in its mid-year update to the 2019 Vulnerability and Threat Trends Report, that there has been a considerable drop in the number of malicious cryptominers. In 2018, malicious cryptomining was the largest problem area with regard to cybercriminals; it has since dropped to just 15%.
Despite the decrease in malicious cryptomining, vulnerabilities in cloud containers have increased considerably, by as much as 48% according to the report, and by 240% since 2017.
“Cloud technology and adoption has obviously skyrocketed, so it’s no surprise that vulnerabilities within cloud technology will increase,” said Skybox Director of Threat Intelligence Marina Kidron. “What is concerning, though, is that as these are published, the race is on for attackers to develop an exploit because launching a successful attack on a container could have much broader consequences. Compared to other technology, containers can be more numerous and quickly replicated. The attack footprint could expand rapidly, and the number of victims may be extremely high.”
“Container vendors put a great deal of attention to securing their products in the first place,” said Amrit Williams, VP of products. “But that also means reporting vulnerabilities when discovered. It’s critical that customers have a way to spot those vulnerabilities even as their environment may be changing frequently.
“They also need to assess those vulnerabilities’ exploitability and exposure within the hybrid network and prioritize them alongside vulnerabilities from the rest of the environment — on prem, virtual networks and other clouds.”
“More than 7,000 new vulnerabilities were discovered in the first half of 2019 — that’s still significantly more than figures we’d see for an entire year pre-2017. So organizations are likely still going to be drowning in the vulnerability flood for some time,” said Ron Davidson, Skybox CTO and VP of R&D. “Roughly a tenth of these have an exploit available and just one percent are exploited in the wild. That’s why it’s so critical to weave in threat intelligence into prioritization methods, and of course consider which vulnerable assets are exposed and unprotected by security controls.”