Based on Development Micro, attackers are probing a spread of S3 setups, from buckets with AWS-managed KMS keys to customer-provided keys, imported key materials, and even solely exterior key shops.
Why S3 is the brand new ransomware battleground
On-premise ransomware historically concerned dropping malware, encrypting desktops or servers, and threatening fee. However as organizations have migrated vital workloads and backups to cloud providers, researchers famous, attackers are following the information.
The Development Micro report lists a number of prime cloud targets, together with compute snapshots, static storage (S3) buckets, databases, containers/registries, and backup vaults. Amongst these, S3 is very worthwhile as a result of it typically holds backups, logs, configuration information, and static property–issues a corporation most desires again.
