According to new study, hundreds of thousands of endpoints(opens in new tab) running Kubernetes API have been exposed to the internet, making them vulnerable to virus deployment and other assaults.


According to a survey published by the Shadowserver Foundation, 84 percent of the 454,729 servers that host the container orchestration system are accessible over the internet, at least to some extent. There are 381,654 systems in all.


While being accessible to the internet does not always imply that your data has been hacked, it is the first and most crucial step toward a data breach. Furthermore, rather than being intentional, all of them are most likely the consequence of misconfigurations.


"While this does not mean that these instances are entirely accessible or vulnerable to an attack," Shadowserver writes in the blog post, "it is probable that this degree of access was not intended and that these instances represent an unnecessarily exposed attack surface." "They also allow for version and build information leaking."


According to the group, 201,348 (53 percent) of all accessible occurrences occurred in the United States. To prevent data breaches and assaults, enterprises using internet-accessible Kubernetes API servers should implement some type of access permission or block access at the firewall(opens in new tab).


The Cloud Native Computing Foundation maintains Kubernetes, a ten-year-old Google product for container management on-prem and in the public cloud.


Several software businesses sell commercial versions. Kubernetes-based platforms or infrastructure as a service (IaaS) are available from Amazon, Google, IBM, Microsoft, Oracle, Red Hat, SUSE, Platform9, and VMware.


According to market experts Statista, it is incredibly popular, with most businesses using it.