
The State of Cloud Ransomware in 2024

Nov. 14, 2024, 6:59 p.m.

Description

Cloud ransomware attacks are evolving, primarily targeting storage services like Amazon S3 and Azure Blob Storage. Attackers exploit misconfigurations or use stolen credentials to access and encrypt data. Cloud service providers have implemented security measures, such as AWS's 7-day key deletion window, to mitigate risks. New techniques using customer-managed keys pose challenges for data recovery. Ransomware groups are also leveraging cloud services for data exfiltration. Web applications hosted in the cloud are vulnerable to extortion attacks, with tools like Pandora targeting PHP servers. Organizations are advised to use Cloud Security Posture Management solutions and enforce strong identity management practices to protect against these emerging threats.

Date

Published: Nov. 14, 2024, 11:57 a.m.

Created: Nov. 14, 2024, 11:57 a.m.

Modified: Nov. 14, 2024, 6:59 p.m.

Attack Patterns

Pandora - S0664

RansomES

Rhysida

LockBit

BianLian

T1059.006

T1530

T1567

T1213

T1486

T1083

T1027

T1190

T1078