In more than 70 percent of environments, EC2 instances met the above criteria, with the risk factor being public exposure to the internet.Every environment sampled had at least one AWS account in which an identity - and often many more than one - met the above criteria.The results revealed high potential for ransomware penetration when not using AWS mitigation controls. Those conditions allowed attackers to perform ransomware on at least 90 percent of the S3 buckets in an AWS account. Researchers looked for identities with permissions that had the ability and lacked effective mitigation and exposure to a risk factor. ![]() “A compromised identity with a toxic combination of entitlements can easily perform ransomware on an organization’s data,” he wrote. But cloud security stakeholders do not realize that S3 buckets face a great security risk from an unexpected source: identities, wrote Lior Zatlavi, senior cloud architect at Ermetic in discussing the company’s white paper report “New Research: The Threat of Ransomware to S3 Buckets” in his October report. Amazon S3 is designed for 99.9 percent (11 9’s) of durability, and stores data for millions of applications for companies all around the world, Amazon claims.ĪWS S3 buckets are considered highly reliable and are used with great confidence. These use cases include data lakes, websites, mobile applications, backup and restore, archive, enterprise applications, IoT devices, and big data analytics.Īmazon S3 provides easy-to-use management features so subscribers can organize data and configure finely-tuned access controls to meet specific business, organizational, and compliance requirements. Customers of all sizes and industries can use it to store and protect any amount of data for a range of use cases, according to Amazon. The research revealed a very high potential for ransomware in organizations’ environments.Īmazon Simple Storage Service (Amazon S3) is an object storage service that offers scalability, data availability, security, and performance. ![]() New research from cloud security firm Ermetic shows that nearly all businesses have identities that, if compromised, would place at least 90 percent of the S3 buckets in their AWS account at risk.Įrmetic conducted the study to determine the circumstances that would allow ransomware to make its way to Amazon S3 buckets.
0 Comments
Leave a Reply. |