Latest coding app is a hacker's dream


Washington - Every time you search for something on Google, hail an Uber or log into a bank account, your personal data likely flows behind the scenes through a series of separate, freestanding packages of software known as containers.

Although invisible to the user, this method has become the dominant way to code apps today.

Programmers like it because it allows them to change one feature without breaking their colleagues’ work, and it helps software run more efficiently, saving companies money.

But the process is also giving hackers lots of new ways to steal people’s information.

Instead of a user’s data going directly to one place, they can jump between dozens of containers for a single action. Hackers only need to gain access to one.

READ: Millennials must upskill to stay on top in FinTech space - expert

Because of the way most containers are designed, they’re black boxes on a network. Administrators may have no idea what’s happening inside of them.

This threat went largely unnoticed for a while as containers proliferated throughout the software industry.

In 2014, it caught the attention of Sameer Bhalotra, the former senior cybersecurity director for President Barack Obama and an ex-Google employee.

Bhalotra created StackRox to address new techniques that exploit container technology.

“Enterprises are flying blind,” said Bhalotra, speaking publicly about his startup for the first time.

“They often have no idea if a container went down by a design - it was no longer needed as user activity decreased - or due to an IT configuration error or a human error or an attacker.”

StackRox is backed by a Silicon Valley A-list of chief security officers, including Uber Technologies Inc.’s Joe Sullivan, Facebook Inc.’s Alex Stamos and SAP SE’s Justin Somaini.

StackRox is in the process of completing a new funding round, according to people familiar with the matter.

A quarter of all large companies now use containers, and corporate spending on the technology is projected to double over the next two years to $2bn, according to 451 Research.

Many companies rely on software from Docker Inc., a startup valued by investors at $1bn.

READ: Govt in huge push to boost innovative ideas from citizens

Jay Lyman, an analyst at the research firm, said there’s a “gold-rush mentality” to adopt the tool without a full appreciation of the risks. “Security is the No. 1 challenge,” he said.

Docker and StackRox have become close partners, but Bhalotra wasn’t the only one to notice an opportunity.

Aqua Security Software, an Israeli firm that secures containers, has attracted funding from local cybersecurity billionaire Shlomo Kramer and Microsoft Ventures. San Francisco-based Twistlock has raised some $30m from Dell and other investors.

Uber is a devotee of the container, as is Alphabet’s Google, which has said every service it offers today runs on the technology. Google uses more than 2 billion containers a week.

But these tech giants have highly sophisticated security operations to deal with potential threats. Sullivan, the Uber security chief, said the company created its own software to detect container attacks.

“Our security engineering team must be able to blend off-the-shelf security products with a great deal of custom work,” he said.

City National Bank first considered adopting containers last year, but none of its existing security systems could track them.

“It’s hard to know if a new container that shows up is really supposed to be there,” said Gene Yoo, head of information security at City National.

Then the Los Angeles bank found StackRox and Docker. It’s now moving “aggressively” to containers for its website and payment systems, which is reducing costs.

Docker said its technology addresses key security threats that faced apps using earlier approaches without containers.

One feature of containers that hackers are actively exploiting is that they’re ephemeral, Bhalotra said.

In attacks his company has studied, containers use a kind of suicide switch that controls when they are shut down, and hackers who get inside often install malicious software to flip those switches.

The code allows them to erase all evidence showing they were there.

“Enterprises with advanced IT infrastructures are moving to containers, but they aren’t sure how to address security,” Stamos, the Facebook security chief and StackRox backer, wrote in an e-mail.

Hackers are eager to take advantage, as StackRox found this spring when it began monitoring a major financial services firm. (Bhalotra asked Bloomberg not to identify certain details about the project to protect the company’s work.)

StackRox said it detected more than 500 threats aimed at the finance firm’s container software during a single month.

Read Fin24's top stories trending on Twitter:

We live in a world where facts and fiction get blurred
In times of uncertainty you need journalism you can trust. For only R75 per month, you have access to a world of in-depth analyses, investigative journalism, top opinions and a range of features. Journalism strengthens democracy. Invest in the future today.
Subscribe to News24
Rand - Dollar
Rand - Pound
Rand - Euro
Rand - Aus dollar
Rand - Yen
Brent Crude
Top 40
All Share
Resource 10
Industrial 25
Financial 15
All JSE data delayed by at least 15 minutes Iress logo
Company Snapshot
Voting Booth
Facebook is facing a fresh crisis after a former employee turned whistle-blower leaked internal company research . Do you still use Facebook?
Please select an option Oops! Something went wrong, please try again later.
Yes, the benefits outweigh the risk for me
23% - 94 votes
No, I have deleted it
47% - 191 votes
Yes, but I am considering deleting it
30% - 125 votes