One Bad App(le) Spoils the Barrel

Despite the fact that we're talking technology, the old proverb "one bad apple spoils the barrel" holds true when discussing app security. Like the very real threat of one 'bad' apple rapidly spoiling every other apple in a barrel, one compromised app can lead to a plethora of problems; from mass infection to compromise of other systems, access to even a single app can be devastating.

To wit, most of us are familiar with the 'casino fish tank' hack in which attackers gained access to sensitive data via an innocuous, thermometer app connected to the Internet. It was unprotected. As an aquarium enthusiast, it makes me sad given the sensitive nature of reef tanks to temperature changes. As a technology enthusiast, it makes me cringe because no app is an island today, and if it's on your network, it can potentially reach any other app you have running. Like the ones you consider critical to business. That's why I like to remind everyone that every app is critical when it comes to security.

"Every app" is a significantly large number these days. An enterprise operates on average 900 apps according to the MuleSoft Connectivity Benchmark 2019). Those are the apples in your barrel and it's true whether the barrel is in the cloud or at home, on-prem.

Many of those apps are not protected. In some cases, the reason is a simple oversight. In others, those apps are one of the 29% MuleSoft found are connected or integrated, and crafting access policies are just more trouble than they're worth. After all, you have to inventory every app and determine which other apps have a legitimate need to access it. Given an average of 900 apps with 29% connected, that's 261 apps that need very specific access policies. That's a lot of work for what most consider very little risk.

That's when I like to remind folks of the tale of the fish tank. Or bring up an even better-known tale of HVAC systems and their relationship to a POS hack that cost a certain business millions of dollars and the trust of even more customers.

A single app is a risk. The connective tissue known as the network that spans data centers, clouds, and even remote and branch offices today enables even the most irrelevant app to become a potential point of attack. With containers continuing to grow like weeds, the risk is multiplied. Because containerized architectures operate on a principle of horizontal (cloned) scalability, a single app with a vulnerability or open access policy can replicate quickly, each one offering yet another point of entry into the broader application landscape.

It isn't just apps and data at risk. It's your network. We have incredible bandwidth today, especially in the cloud and in the data center, but when coupled with auto-scaling containers there is a very real risk of exploiting a single, vulnerable app (container) in ways that cause it to scale out of control rapidly. Bandwidth and resource consumption ensue, and in the cloud can drive up costs faster than a toddler with uncontrolled in-app purchase power. In the data center, communication can swamp the local servers and networks and cause chaos and ultimately outages. 

"Lateral" attacks - those launched from an app or system inside a container cluster or other networked environment - are a very real threat. It isn't enough to protect apps considered critical when every app is critical to the overall security of your data, network, and customers.

When considering what apps to protect, it's no longer enough to simply use the sensitivity of data or business criticality as primary factors. It's important to consider what other resources and apps can be reached by someone who gains access to that unassuming fish tank app.