A new wave of ransomware attacks has emerged, specifically targeting Amazon Simple Storage Service (S3) buckets. Unlike traditional ransomware, these new variants take advantage of weak access controls and configuration errors within cloud environments to restrict organizations from accessing their data. These attacks have serious implications, including complete data loss and significant operational and financial disruption.
The attackers gain unauthorized access through stolen credentials or misconfigured AWS accounts, targeting vulnerable S3 buckets lacking adequate protection. The most dangerous variant identified by Trend Micro researchers uses server-side encryption with customer-provided keys, rendering data unrecoverable. Upon gaining access, the threat actors encrypt files, often deleting the originals, and demand ransoms through notes left in the affected buckets. Security teams are urged to implement robust controls and monitor their cloud environments actively to thwart these threats.
👉 Pročitaj original: Cyber Security News
