NSA, CISA: Here’s how we can properly secure Kubernetes

Document shares best practices and hands-on advice

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

The National Security Agency (NSA) and theCybersecurityand Infrastructure Security Agency (CISA) have published a comprehensive technical report to help administrators harden theirKubernetesinstances.

The reportcomes in the backdrop of an increase in the number of attacks thatexploit the complexitiesin securing Kubernetes deployments. NSA argues that Kubernetes is commonly targeted either for data theft, computational power theft, or denial of service.

“This guidance describes the security challenges associated with setting up and securing a Kubernetes cluster. It includes hardening strategies to avoid common misconfigurations and guide system administrators and developers of National Security Systems on how to deploy Kubernetes with example configurations for the recommended hardening measures and mitigations,” reads the document summarizing its intentions.

We’re looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won’t take more than 60 seconds of your time, and we’d hugely appreciate if you’d share your experiences with us.

Click here to start the survey in a new window«

Over fifty pages long, the report analyzes the container build workflows orchestrated by Kubernetes, and discusses the security policies that admins should implement to ward off any attackers.

Batten down the hatches

Batten down the hatches

The NSA argues that the three common sources of compromise in Kubernetes are supply chain risks, malicious threat actors, and insider threats.

Irrespective of the attack vector though, the NSA suggests various mechanisms to set up and secure a Kubernetes cluster.

In a snap, they suggest scanning thecontainersand pods for vulnerabilities or misconfigurations, while recommending administrators run containers and pods with the least possible privileges.

Are you a pro? Subscribe to our newsletter

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Additionally, the document also suggests implementing strict network policies to separate resources in order to prevent the lateral movement of threat actors in the event a cluster is compromised.

NSA cites data theft as the primary motivation of compromising Kubernetes clusters, although it acknowledges that threat actors might also seek to harness its underlying computational power for malicious purposes such ascryptomining.

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

Washington state court systems taken offline following cyberattack

Is it still worth using Proton VPN Free?

Google Pixel 9 vs Samsung Galaxy S24: which base model is better?