Amazon has a massive presence in many countries, which makes it an attractive brand to impersonate in phishing campaigns. Most phishing emails that impersonate Amazon target its retail customers, but some are aimed at business customers, and recent campaigns have focused on organizations that use Amazon Web Services. These emails have proven quite convincing, and a successful lure can lead to the compromise of business data belonging to companies that run on Amazon's cloud platform.
This is a relatively new threat in the IT space, and its full effect is yet to be measured. Such cases highlight the need for a network security engineer and a cyber security professional in every organization.
Table of Contents
- What is AWS?
- Phishing attacks
If you want to know more about a cyber security expert’s role and responsibilities, take up cyber security training.
What is AWS?
AWS, or Amazon Web Services, is a comprehensive and evolving cloud computing platform offered by Amazon. It includes a mix of platform as a service (PaaS), packaged software as a service (SaaS), and infrastructure as a service (IaaS) offerings. AWS's services include database storage, content delivery, and compute power. Amazon.com built the internal infrastructure to run its online retail operations and launched it as AWS in 2006. AWS provided a cloud computing model that scales to give users storage, compute, or throughput as needed, and it was one of the first companies to offer a pay-as-you-go model.
AWS offers many different tools and solutions for software developers and enterprises, and its services are used by customers in up to 190 countries. AWS services are employed by education institutions, government agencies, and private and nonprofit organizations. The services are grouped in different ways depending on the user's needs, and users can see the individual server maps and configuration options for each AWS service. The Amazon Web Services portfolio comprises more than 100 services, including databases, computing, application development, infrastructure management, and security. The services are categorized into:
- Storage and databases
- Data Management
- Hybrid Cloud
- Development tools
- Artificial Intelligence
- Big Data Management
- Messaging and notifications
- Mobile Development
Phishing attacks
Several kinds of schemes target AWS account holders. One common attack exploits the familiar billing process: the email claims that an AWS invoice is due and that payment must be made through the link provided. The goal of this scam is to obtain the victim's financial information, including credit card data. Sending warnings that ostensibly come from AWS is another popular tactic; the email tells the customer that their account will be blocked or restricted unless they follow the steps given. Fake notices and fake AWS support tickets are also standard.
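The lures described above share two tells that a mail filter or a triage analyst can check mechanically: the message claims to be from AWS but is sent from, or links to, a domain that is not Amazon's, and it leans on urgency ("invoice overdue", "account will be suspended"). The following is an added example, written for this page rather than taken from AWS or any vendor, that scores a raw email on those indicators. The allowlist of legitimate domains, the urgency phrase list, and the two sample messages are all assumptions constructed for the example; the lookalike domains in them are made up.

```python
import email
import re
from email import policy
from urllib.parse import urlparse

# Assumed allowlist of domains that legitimately host AWS sign-in, billing
# and support pages. Extend it for your own tenant.
LEGIT_AWS_DOMAINS = ("amazon.com", "amazonaws.com")

BRAND_WORDS = re.compile(r"\b(aws|amazon web services|amazon)\b", re.I)
# Pressure wording typical of fake-invoice and account-restriction lures.
URGENCY_PHRASES = re.compile(
    r"(account (will be|has been|is) (suspended|blocked|restricted|closed)"
    r"|invoice (is )?(overdue|past due|unpaid)"
    r"|payment (is )?required"
    r"|within \d+ hours?)",
    re.I,
)
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.I)


def is_legit_aws_host(host: str) -> bool:
    """True only for an allowlisted domain or a subdomain of one. Matching on
    the whole label ('.' + domain) is what keeps 'aws.amazon.com.evil.example'
    and 'notamazon.com' out."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in LEGIT_AWS_DOMAINS)


def sender_domain(from_header: str) -> str:
    m = re.search(r"@([A-Za-z0-9.-]+)", from_header)
    return m.group(1).lower() if m else ""


def analyse_message(raw: str) -> dict:
    """Parse one RFC 822 message and return (severity, reason) findings.

    Rule: a message that claims to be from AWS must be sent from an AWS
    domain and its action links must stay on AWS domains. A domain mismatch
    is 'high'; urgency wording alone is only 'low', since real notices use
    it too."""
    msg = email.message_from_string(raw, policy=policy.default)
    body = msg.get_body(preferencelist=("plain", "html"))
    text = body.get_content() if body else ""
    subject = msg.get("Subject", "")
    sender = sender_domain(msg.get("From", ""))
    claims_aws = bool(BRAND_WORDS.search(text) or BRAND_WORDS.search(subject))

    findings = []
    if claims_aws and sender and not is_legit_aws_host(sender):
        findings.append(("high", f"claims to be AWS but sent from {sender}"))
    if URGENCY_PHRASES.search(text) or URGENCY_PHRASES.search(subject):
        findings.append(("low", "urgency/threat wording typical of invoice and suspension lures"))
    for url in URL_RE.findall(text):
        host = urlparse(url.rstrip(".,);")).hostname or ""
        if claims_aws and not is_legit_aws_host(host):
            kind = "lookalike" if BRAND_WORDS.search(host) else "off-brand"
            findings.append(("high", f"{kind} link {url} points to {host}, not an AWS domain"))
    return {
        "sender_domain": sender,
        "findings": findings,
        "suspicious": any(sev == "high" for sev, _ in findings),
    }


# Constructed sample messages (not real phishing samples).
PHISH = """\
From: AWS Billing <billing@aws-amazon-support.example>
To: admin@corp.example
Subject: Action required: your AWS invoice is overdue
Content-Type: text/plain; charset=utf-8

Your Amazon Web Services invoice is overdue. Your account will be suspended
within 24 hours unless payment is made at
http://aws.amazon.com.billing-check.example/invoice/pay
"""

LEGIT = """\
From: Amazon Web Services <no-reply-aws@amazon.com>
To: admin@corp.example
Subject: Your AWS monthly statement is available
Content-Type: text/plain; charset=utf-8

Your Amazon Web Services statement for last month is ready. Sign in to view it:
https://console.aws.amazon.com/billing/home
"""

if __name__ == "__main__":
    for name, raw in (("phish", PHISH), ("legit", LEGIT)):
        result = analyse_message(raw)
        print(name, "suspicious" if result["suspicious"] else "clean")
        for sev, reason in result["findings"]:
            print("  ", sev, reason)
```

The suffix check in is_legit_aws_host is the part worth copying: the fake invoice link starts with "aws.amazon.com" and passes a naive substring test, but it fails here because the registrable domain is billing-check.example. Visible link text is not inspected at all; only the destination host counts.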
If an AWS account is compromised, it can damage both the organization and the individual in many ways. With access to business data, cybercriminals can:
- Demand a ransom from the organization for the data they have exfiltrated from the account; they may also lock the organization out of the account.
- Use sensitive data harvested from the account to attack the organization's partners, clients, or customers.
- Use financial data harvested from the account to skim money, for example from payment details tied to a financial service or an online store.
- Turn the organization's AWS account into a phishing platform, using it to distribute malware and to host credential-phishing pages and the other files needed for phishing attacks.
- Sabotage the organization's business by corrupting or destroying data stored in its AWS account if the ransom demand is not met.
AWS-themed phishing attacks of this kind will become more common, and they are likely to grow more dangerous and more sophisticated. To protect your organization, bring your users up to speed on the latest social engineering schemes through cyber security training that includes high-quality simulated phishing attacks. This training should be given in particular to employees, including those with cyber security certification, who control vital resources and assets such as an AWS account.