Cloud-native security is becoming a bigger concern

For some time now, containers as a new type of software artifact that are foundational to cloud-native applications have been appearing more frequently in production environments. Initially, most of those applications were built by sophisticated developers but as the value of containers becomes more apparent, the rate at which they are showing up on IT environments is now sharply increasing.

In fact, a survey of 1,350 DevOps professionals conducted by Google finds 54 percent are now targeting application deployments for container environments, compared to 42 percent that are building applications to be deployed directly atop of virtual machines in the cloud.

Overall, the survey finds the percentage of respondents using public clouds is 76 percent, up from 56 percent in 2021, while the number of respondents not using a cloud stands at 10.5 percent. Usage of multiple public clouds is at 26 percent, while 35 percent report using a private cloud.

MSPs can help clients secure cloud-native apps

Naturally, there is going to be plenty of opportunity for managed service providers (MSPs) to help clients shift from legacy monolithic applications deployed on virtual machines, to cloud-native applications based on microservices constructed using containers and serverless computing frameworks constructed using containers.

However, the longer-term opportunity in terms of generating recurring revenue is going to be helping organizations secure these environments. A cloud-native application is fundamentally different in that containers make it possible to encapsulate code in a way that promotes reusability. The core idea is that containers will make developers more efficient. In addition, applications will be more resilient because there isn’t a single point of failure. If a microservice is unavailable for one reason or another, calls the application programming interface (API) employed by that microservice are simply re-routed to another microservice.

The fly is in the ointment is developers tend to think cloud-native applications are more secure than they actually are. The average container only runs for a few minutes, sometimes even seconds, before being ripped and replaced by another container that attaches itself to an API. That approach not only makes it simpler to add new functionality to an application, but it eliminates the need to patch an entire monolithic application to remediate a vulnerability. The offending component that contains that vulnerability is easily replaced.

Crypto jacking is more serious than the average IT team thinks

However, cybercriminals have taken note of containers as a software artifact. Most containers are downloaded from a central repository, so cybercriminals are now flooding those repositories with malicious versions of components that are loaded with malware. Most of that malware today comes in the form of crypto jacking tools used to mine cryptocurrency in the cloud. The trouble is cybercriminals then use those malicious containers to open back doors through all kinds of more lethal malware can be deposited in a cloud-native application.

Unfortunately, crypto jacking today is viewed as nuisance crime. However, an attack that generates $8,100 for cybercriminals would potentially result in a $430,000 cloud bill for an organization. The issue is more serious than the average IT team appreciates.

Regardless of what type of attack is launched, the one thing that is clear is cloud security is becoming a lot more complicated. MSPs will need to acquire new skills to stay relevant as cloud-native applications are deployed alongside legacy monolithic applications that are not likely to be retired any time soon. The challenge, as always, will be not only investing in the appropriate level of training required but also educating clients about the true nature of the threat they are about to face.

Photo: Natali _ Mis / Shutterstock