Hybrid cloud complexity creating security challenges
Container security company Capsule8 recently released a survey conducted by Enterprise Strategy Group (ESG) in November 2017 exploring trends in hybrid cloud security. Among these trends, the survey found the complexity of hybrid cloud environments is making it difficult to protect them from various attacks, including zero-day exploits.
ESG researchers surveyed approximately 450 IT and security professionals in North America and Western Europe on hybrid cloud environments and containers. Approximately 56% of those surveyed had launched containerized production applications, with 80% planning to have them in production within the next 12 to 24 months.
Hybrid cloud models have become an attractive option for enterprises that want to leverage the cloud for day-to-day business operations, while maintaining their legacy infrastructure. The technology consists of a mix of on-premises, private cloud and public cloud services. Although companies have gravitated toward the cloud, the authors of the survey note legacy infrastructure will remain a critical aspect of the enterprise in the coming years. What is needed is a kind of security capable of protecting both.
Hybrid cloud environments are harder to secure on account of being more complex, according to the survey. Approximately 42% of those surveyed reported an attack occurred in their cloud environment in the last year, with 28% pointing to a zero-day exploit as the origin.
Zero-day exploits occur whenever a cyber criminal is able to take advantage of a software vulnerability before a developer is able to release a patch for it. Vendors are often provided a certain amount of time to patch the vulnerability before it is publicly disclosed, depending upon its severity.
The authors of the report also found 26% of companies experienced attacks related to the misuse of a privileged account by an inside employee, 21% related to taking advantage of known vulnerabilities in unpatched operating systems and 19% related to the misuse of a privileged account via stolen credentials. Additionally, 20% reported misconfigured cloud services, workloads or network security controls that led to a successful compromise by a bad actor.
The survey found another reason companies are challenged to secure multi-cloud environments: approximately 70% are using separate controls for public cloud resources and on-premises virtual machines (VMs), meaning only 30% use unified controllers. Unified controllers are simpler since they remove the need to configure, program and debug multiple controllers. The researchers expect this trend to reverse in a couple of years, however.
“The challenge of balancing the move to a next-gen infrastructure while also maintaining support for current environments is a huge barrier for a lot of companies investigating containers,” said John Viega, co-founder and CEO, Capsule8, in a statement. “The security concerns are real and as we’ve seen noted here with the rates of zero-day attacks, as well as recent major vulnerabilities such as Spectre and Meltdown, and the ability to control and secure these hybrid environments effectively is critical and one of the main pain points we are trying to address at Capsule8.”