Whitepaper: Misconfigurations Leading to AWS S3 Ransomware Exposure

S3 buckets are advertised by AWS as extremely durable. Recent Ermetic research found that misconfigurations of S3 buckets and access-related factors made exposure to potential ransomware in the real-world sample studied extremely common. This potential risk calls for organizations to take urgent action to correct any such S3 bucket misconfigurations and access-related factors.  

Ermetic mapped out scenarios in which a permissions combination could allow an identity to perform ransomware on a bucket. We also analyzed configuration risk factors and the effectiveness of native mitigation features. Putting theory to practice, we then used the Ermetic analysis engine to analyze real-world environments in which all the following factors were true:

  • An identity had a permissions combination that enabled it to perform ransomware
  • Effective mitigation features were not enabled on the S3 buckets to which the identity had access
  • Due to misconfigurations, the identity was exposed to one or more additional risk factors, such as public exposure to the internet, that could lead its being compromised
Download the report for details on the findings and to learn about effective mitigating strategies.

Register to download!