Troubled by Man in the Middle Compromises

As an IT administrator, you are well aware of man-in-the-middle (MITM) attacks and their repercussions on your organization.

Take these steps to mitigate these potential threats:

1. High chances of risk if the cluster is shared among multiple teams/tenants/environments.
2. Apply a policy that ensures no ClusterIP service that contains an external IP’s spec can ever be created. This approach eliminates the ability to divert traffic to an external IP address.
3. While adopting Kubernetes, make sure that an admission controller webhook is implemented to ensure that every namespace’s service account is scoped to a role that does not allow PATCH requests to the LoadBalancer service.
4. Look out for tools that can identify whenever a service is accessing an external IP address.
5. Be wary, if your organizations continue to run older versions of Kubernetes clusters since, if left unattended, it could become a significant problem.
6. Ensure the use of two-way SSL for critical service apps.
7. Finally, always make sure that the cluster is hardened/audited before public ACL.

For more queries on MITM and other Kubernetes-related vulnerabilities, reach out to our team