Sysdig 2022 Threat Report: Cloud-native threats are increasing and maturing

The Sysdig 2022 Cloud-Native Threat Report highlights the growing and evolving threats in cloud environments as the use of containers and cloud services expands. The report reveals that threat actors are increasingly targeting cloud infrastructure due to its scalability and complexity, often exploiting misconfigurations and unpatched vulnerabilities to conduct profitable activities like cryptomining. TeamTNT is identified as a notable cryptomining group, demonstrating how a single attacker can inflict significant financial damage on victims. Furthermore, the report discusses the prevalence of supply chain attacks through public repositories like Docker Hub, where threat actors distribute malicious container images. The geopolitical impact of cyberwarfare is also examined, particularly in light of the Russia-Ukraine conflict, which saw a surge in distributed denial-of-service (DDoS) attacks facilitated by easily accessible Docker containers. The report underscores the need for enhanced visibility and security measures in cloud and container environments to effectively mitigate these threats.