Hide yo environment files! Or risk getting your cloud-stored data stolen and held for ransom

Cybercriminals are infiltrating organisations’ cloud storage containers, stealing sensitive data and demanding payment in exchange for not releasing the stolen data. The attackers gain access by finding and exploiting exposed environment files within the organisation’s web applications. Once in, they create a list of other IAM users on the AWS account, locate services in use, and create new roles with administrative permissions. The attackers’ successes are largely due to server misconfigurations and excessive permissions associated with IAM resources.