The technologies at the heart of most data leaks
Docker, a tool designed to make it easier to create, deploy, and run applications (as containers), is one of the most popular technologies in cloud server environments these days.
Despite a 2017 joint report from Cisco and Rapid7 finding that there were over 1,000 Docker containers left exposed online without any authentication, there haven’t been any major data breaches reported via this technology, until now.
Nonetheless, the potential for abuse is there, and it’s being exploited already. Not by data thieves, but by crypto-mining groups.
To avoid any potential Docker container hijacks –which in turn can lead to data thefts or accidental leaks– there are some steps that server owners can take.