It’s been a busy few months for those tracking cybersecurity breaches. Considering that this quarter alone has seen headlines for British Airways identifying additional victims behind its already significant breach, Facebook’s massive messaging leak and Yahoo’s significant payout related to earlier data breaches, there are plenty of high profile cases that reinforce the importance of good cybersecurity when operating on the web.

But these are just the tip of the iceberg that security researchers have started to identify. As an example, there’s a great piece of research relating to Docker API’s being exploited to run crypto-mining operations. I find this particular breach interesting because it’s a great demonstration of the “perfect storm” of technologies that make future attacks more likely.

First of all, Docker’s ease of use has made it possible for rapid deployment and expansion of the increasingly complex web applications that drive bleeding edge technology companies. For many web technologies, the main barrier for entry is making it easy enough for anyone to use, and Docker has certainly captured the imagination of those seeking to get into DevOps and improving services.

Unfortunately, once a technology reaches a certain level of popularity, it suddenly becomes much more of an interesting target for cyber-villains.

API’s and interconnectivity between applications are a key component of the modern web, too – providing connectivity threads that are critical pipelines for delivering interconnected services. These APIs, however, also offer a new opportunity for exploits – especially when they’re misconfigured.

Finally, one of the big trends we’ve seen recently is a move away from ransomware and towards cryptocurrency mining.

Whilst ransomware was easily one of the largest growth areas in security attacks last year and relatively easy to employ as a mechanic for profiting from an attack, it was an approach that left the attacker (Read more...)