Cybersecurity management platform Skybox Security stated that vulnerabilities in the cloud containers are increasing at a rapid pace. The report named Vulnerability and Threat Trends, which analyzed the vulnerabilities, exploits, and threats over the first half of 2019, stated that cyber risks in cloud container software have increased by 46 percent in the first half of 2019 compared to 2018, the Forbes reported.
In the report, Skybox highlighted a container vulnerability which was discovered earlier this year, known as CVE-2019-5736, that allowed a malicious actor to allegedly gain administrative privileges and break into the physical server.
“Cloud technology and adoption has obviously skyrocketed, so it’s no surprise that vulnerabilities within cloud technology will increase,” said Skybox Director of Threat Intelligence Marina Kidron. “What is concerning, though, is that as these are published, the race is on for attackers to develop an exploit because launching a successful attack on a container could have much broader consequences. Compared to other technology, containers can be more numerous and quickly replicated. The attack footprint could expand rapidly, and a number of victims may be extremely high.”
Cloud computing ranks as the top risk concern for executives in risk, audit, finance and compliance, according to the survey by Gartner, Inc. While cloud computing presents organizations with novel opportunities, a number of new risks — including cybersecurity disclosure and General Data Protection Regulation (GDPR) compliance — make cloud solutions susceptible to unexpected security threats.
In Gartner’s quarterly Emerging Risks Report, 110 senior executives in risk, audit, finance and compliance at large global organizations identified cloud computing as the top concern for the second consecutive quarter. Additional information security risks, such as cybersecurity disclosure and GDPR compliance, ranked among the top five concerns of the executives surveyed.
The top two fast-moving, high-impact risks — those which have the ability to cripple an organization quickly — are also related to information security threats. Social engineering and GDPR compliance were cited as most likely to cause the greatest enterprise damage if not adequately addressed by risk management leaders, according to Gartner. However, only 18 percent of the cross-functional executives surveyed currently considered social engineering to be a significant enterprise risk.