9. Impact in the Kubernetes Cluster – ATT&CK® Matrix
MITRE’s ATT&CK®
Data Destruction
Attackers may strive to destroy data and resources in the cluster. It involves deleting deployments, configurations, storage, and compute resources.
Resource Hijacking
Violators may abuse a compromised resource for running tasks. The most popular abuse is to employ arbitrated resources for running cryptocurrency mining. Felons who have access to a container in the cluster or have permissions to create new containers may use them for such activity.
Denial of Service Attacks
Attackers may attempt to perform a denial of service attack, which makes the service unavailable to the legitimate users. In container clusters, this includes attempts to block the availability of the containers themselves, the underlying nodes, or the API server.