Attackers use impact techniques to destroy, abuse, or disrupt the normal behavior of the target environment, and its resources and activities.
An attacker may try to delete or remove resources in a Kubernetes cluster. These resources may include deployments, configurations, nodes, pods, storage, compute, or other data.
In this technique, an attacker attempts to hijack and abuse a Kubernetes resource for a purpose that it was not originally intended for. One example is using compromised containers to run malicious tasks, such as digital currency mining (cryptomining), also known as a “cryptojacking” attack.
Denial of Service
An attacker may seek to make a service unavailable to legitimate users. They may impact the availability of components within the Kubernetes control plane, such as the API server, cluster nodes, or application components in pods.