The National Security Agency and the Cybersecurity and Infrastructure Security Agency released a report which details threats to Kubernetes environments. The report provides configuration guidance to minimize risk. Cyber actors may try to use the open source system to harness a network’s underlying infrastructure for computational power for purposes such as cryptocurrency mining. Primary actions include the scanning of containers and Pods for vulnerabilities or misconfigurations, running containers with the least privileges possible, and using network separation, firewalls, strong authentication, and log auditing.
Source: https://www.helpnetsecurity.com/2021/08/09/harden-kubernetes-systems/