The Los Angeles Times exposed its website source code in S3, and in February of 2018, an attacker edited the code to include cryptocurrency mining functions.3 If the numbers are to be believed, 7% of S3 buckets are wide open to the world, and another 35% are not using encryption (which is built into the service).4 In June 2018, more than 22,000 container orchestration administration and API management consoles were discovered publicly, and some of them didn’t have any authentication in place (and many had weak or default authentication in use).5 These primarily consisted of exposed Kubernetes platforms that security teams might not have had knowledge of or visibility into. Are these isolated incidents or common occurrences? What are security professionals doing to implement more effective controls within cloud environments?
SANS Report: Cloud Security Survey 2019
