Attacks against the container infrastructure are continuing to increase in both frequency and sophistication. It takes just a few hours to detect a new vulnerable container using internet scanning tools like Masscan. The attacks are becoming more evasive, while the supply chain is now targeted.
Aqua Security’s Team Nautilus has analyzed 17,358 attacks against its honeypots between June 2019 and December 2020. It found that adversaries could detect a new misconfigured container within an average of five hours – the fastest within a few minutes and the longest at 24 hours. In 50% of cases, the new container was detected in less than one hour. The implication is clear: if a new container is set up today with a view to securing it tomorrow, it will be too late. The likelihood is that the container will already be compromised.