The Palo Alto Networks Unit 42 Cloud Threat Report reveals that 66% of cloud storage buckets contain sensitive data, exposing them to potential ransomware attacks. Security experts emphasize that cloud providers' default settings can be exploited for these attacks. For instance, native encryption mechanisms like Amazon S3’s SSE-C can be misused by attackers. Recommendations from SANS Institute urge organizations to understand cloud security controls' limitations and to implement stricter encryption methods through IAM policies to ensure data protection.
In just the past few months, I have witnessed two different methods for executing a ransomware attack using nothing but legitimate cloud security features.
While these services usually have file recovery capabilities enabled by default, this is not the case for Amazon S3, Azure Storage, or Google Cloud Storage.
Collection
[
|
...
]