ChannelLife Australia - Industry insider news for technology resellers
Australia
Guides
#
cloud services
#
cybersecurity
#
distributors
#
microsoft
#
partner programmes
Search
Story image
#
Cloud Security
#
Open source
#
Cybersecurity

Kubernetes security concerns rise among APAC businesses

Yesterday
Author image
By Shannon Williams, Journalist

Tenable Cloud Research has revealed that organisations worldwide, including those in the Asia Pacific region, are increasingly encountering security challenges within their Kubernetes environments.

The 2024 Tenable Cloud Risk Report highlights several areas of concern pertaining to the widespread adoption of containerised applications, which, when coupled with inadequate security practices, are rendering cloud infrastructures susceptible to various risks, such as data breaches, service disruptions, and unauthorised access to critical workloads.

"Kubernetes is the backbone of many cloud-native applications, but organisations in APAC are struggling to secure these environments properly," stated Ari Eitan, Research Director at Tenable. "Publicly exposed Kubernetes API servers and overprivileged containers are serious risks that leave businesses vulnerable to attacks. Without the right security measures in place, these misconfigurations can lead to catastrophic breaches."

The report highlights that an alarming 78% of organisations have Kubernetes API servers that are publicly accessible, which significantly increases the risk of cyberattacks. Among these, 41% permit inbound internet access to their Kubernetes clusters, further heightening the threat level. Such configurations can be exploited by attackers to access sensitive resources or potentially take control of entire cloud environments.

Furthermore, the study reveals that 44% of organisations operate containers in privileged mode. This arrangement grants these containers extensive access to the host system's resources, which poses a heightened risk. Should attackers gain control, they can compromise the underlying infrastructure. Additionally, 58% of organisations have cluster-admin role bindings, which provide unrestricted access to all Kubernetes resources, a situation that can be exploited to manipulate or destroy workloads or exfiltrate data.

In response to these security challenges, Tenable has put forward a series of best practices for organisations in the APAC region. These include limiting exposure of Kubernetes API servers by avoiding public internet exposure and applying firewall or security group rules to restrict inbound access. Network segmentation should also be enforced to isolate sensitive workloads.

Reducing the use of privileged containers is recommended, with the emphasis on adhering to security best practices as outlined by the CIS Kubernetes Benchmark and NIST guidelines, to limit the degree of container access to host resources. Another important measure involves strengthening Role-Based Access Control (RBAC). This involves regularly auditing and restricting the use of cluster-admin roles, replacing overly permissive role bindings with more granular permission configurations to uphold the principle of least privilege.

Tenable also advises conducting regular security audits of Kubernetes configurations to detect and rectify misconfigurations or unnecessary exposures. Disabling anonymous access to the Kubelet API and ensuring the encryption of all communications within the cluster are additional recommended measures.

Mr Eitan commented on the growing complexities introduced by the adoption of Kubernetes, stating, "The growing adoption of Kubernetes is a double-edged sword. While it offers great agility for cloud operations, it also introduces a new layer of complexity and security risks. APAC businesses must prioritise Kubernetes security, particularly by closing exposure gaps and enforcing strict access controls. Proactive measures today will protect organisations from becoming tomorrow's headline breaches."

The findings of the Tenable Cloud Risk Report 2024 are based on a detailed analysis of data drawn from billions of cloud assets within various public cloud environments. The dataset was collected throughout the first half of 2024 and encompasses cloud workload and configuration information from real-world assets in active production, focusing on identifying critical security risks to provide actionable insights for organisations aiming to enhance their cloud security posture.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
MSP Trends in 2025 – Navigating What’s Next for Managed Services
Why Digital Customer Experience Will Define Business Success in 2025
Rapid7 enhances platform with AI-driven threat detection
Veeam to enhance data resilience with Microsoft AI
Genetec enhances Security Center SaaS with intrusion feature
Top stories
Yamaha acquires Robotics Plus for precision agriculture push
Grapple to acquire Spenda portfolio, boosting SME finance
Data leak at Chinese firm reveals government monitoring
IBM announces acquisition of AI platform firm DataStax
StorONE unveils S1 Version 3.9 with major cost savings