If I were a hacker: Using AI to understand
This autumn, the team at IssTech will create a series of blogs and videos. As the Kubernetes Backup Expert writing this blog post, I will be pretending to be a hacker. In this series, I will, in theory, "hack" one of our customers' Kubernetes environments to see if they can recover from each attack without a backup.
Understand a modern infrastructure
When we help customers recover from cyberattacks, it's often surprising to find that hackers sometimes know more about the organisation's environment than the company itself. Not all hackers are this knowledgeable: some are "spray and pray" attackers who have no idea what they've encrypted. The most dangerous ones, however, are highly informed.
As a "hacker" in this scenario, my first step would be to document the client's environment. To understand what a modern Kubernetes setup looks like, I'll start by exploring its common components. I'll even consult a resource like Google Gemini to learn about the dependencies and key features of modern containerised applications.
To get a better handle on the DevOps lifecycle, I'll follow the work of a well-known Kubernetes influencer, Michael Cade. He documented his 90-day journey to become a DevOps professional, sharing blogs and videos that explain what to learn and how to automate as much of the infrastructure as possible.
This research helps me understand that a typical environment includes Kubernetes servers (Worker and Master Nodes). Storage is often external, using solutions like NFS, Longhorn, or Ceph. A common best practice is to avoid using Persistent Volumes inside Kubernetes. Instead, data is stored outside the environment in serverless databases (e.g., AWS Aurora, Google BigQuery, Azure SQL) and file data is saved in S3 buckets.
To accelerate development and maintain code security, organizations use a source code control platform like GitLab or GitHub. This is integrated with a Continuous Integration/Continuous Deployment (CI/CD) pipeline, which automatically updates containers with new code every time a new version is released.
In the next few blog posts, we will explore what each component does and how it can help you recover your modern infrastructure. By using AI, we can then understand which components can help our client recover from a disaster.
What is IssTech?
IssTech is a dynamic company specializing in data protection for modern IT environments, from Kubernetes and automation to cloud and SaaS. Our goal is simple: to keep you secure when it matters most. With over 20 years of industry experience behind us, we combine deep expertise with a passion for innovation. As a fast-growing company, we work with leading businesses to deliver secure, future-proof solutions in DevOps and cloud.
Join our newsletter and follow IssTech on our journey, "My Life as a Hacker."