"The Latest App Coding Trend Is a Hacker’s Dream As the industry rushes to adopt container technology, cybersecurity risks abound... ...]T]he process is also giving hackers lots of new ways to steal people’s information. Instead of a user’s data going directly to one place, they can jump between dozens of containers for a single action. Hackers only need to gain access to one. Because of the way most containers are designed, they’re black boxes on a network. Administrators may have no idea what’s happening inside of them... 'Enterprises are flying blind,...They often have no idea if a container went down by a design—it was no longer needed as user activity decreased—or due to an IT configuration error or a human error or an attacker.'... One feature of containers that hackers are actively exploiting is that they’re ephemeral, ... In attacks...containers use a kind of suicide switch that controls when they are shut down, and hackers who get inside often install malicious software to flip those switches. The code allows them to erase all evidence showing they were there... Hackers are eager to take advantage, as StackRox found this spring when it began monitoring a major financial services firm. ... StackRox said it detected more than 500 threats aimed at the finance firm’s container software during a single month..." https://www.bloomberg.com/news/articles/2017-07-18/the-latest-app-coding-trend-is-a-hacker-s-dream
Security Teams Struggle with Container Security Strategy November 14, 2018 https://www.darkreading.com/cloud/s...th-container-security-strategy/d/d-id/1333271 "The State of Container Security: 2018 Report - Key Findings" (PDF): https://www.stackrox.com/img/StackRox-Infographic-State_of_Container_Security_Report.pdf
60% of Organizations Suffered a Container Security Incident in 2018, Finds Study January 7, 2019 https://www.tripwire.com/state-of-security/devops/organizations-container-security-incident/
