AWS encryption attack mitigation
15 January 2025
We now have a few websites whose files are stored in the cloud using Amazon S3 storage.
We are therefore bringing to your attention a new ransomware attack in which hackers gain access to your AWS credentials and use them to encrypt your files, while also setting the files to be deleted if a ransom is not paid (full story linked below).
In addition to ensuring your access keys are protected, you can also deny uploads that use this encryption option (server-side encryption with customer-provided keys, SSE-C) to the bucket in question.
This is done by updating the S3 bucket policy with an additional clause:
{
    "Sid": "RestrictSSECObjectUploads",
    "Effect": "Deny",
    "Principal": "*",
    "Action": "s3:PutObject",
    "Resource": "arn:aws:s3:::example-bucket-name/*",
    "Condition": {
        "Null": {
            "s3:x-amz-server-side-encryption-customer-algorithm": "false"
        }
    }
}
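The clause has to be merged into whatever policy the bucket already has, without dropping existing statements. The sketch below is an added example, not code from AWS or from the linked articles: it checks whether a policy document already contains an equivalent deny and appends the clause only if it does not. The function names and the sample policy are assumptions made for illustration.

```python
import copy
import fnmatch
import json

SSEC_KEY = "s3:x-amz-server-side-encryption-customer-algorithm"

def ssec_deny_statement(bucket):
    """The clause from the post, parameterised on the bucket name."""
    return {
        "Sid": "RestrictSSECObjectUploads",
        "Effect": "Deny",
        "Principal": "*",
        "Action": "s3:PutObject",
        "Resource": f"arn:aws:s3:::{bucket}/*",
        "Condition": {"Null": {SSEC_KEY: "false"}},
    }

def as_list(value):
    return value if isinstance(value, list) else [value]

def blocks_ssec(statement, bucket):
    """True if the statement denies SSE-C uploads to every object in the bucket."""
    if statement.get("Effect") != "Deny" or statement.get("Principal") != "*":
        return False
    actions = [a.lower() for a in as_list(statement.get("Action", []))]
    if not any(fnmatch.fnmatchcase("s3:putobject", a) for a in actions):
        return False  # Action may be a wildcard such as s3:* or s3:Put*
    if f"arn:aws:s3:::{bucket}/*" not in as_list(statement.get("Resource", [])):
        return False
    # Any extra condition would narrow the deny, so require exactly this one.
    return statement.get("Condition") == {"Null": {SSEC_KEY: "false"}}

def ensure_ssec_deny(policy, bucket):
    """Return (new_policy, changed); the input policy is left untouched."""
    new_policy = copy.deepcopy(policy)
    statements = as_list(new_policy.get("Statement", []))
    if any(blocks_ssec(s, bucket) for s in statements):
        return new_policy, False
    statements.append(ssec_deny_statement(bucket))
    new_policy["Statement"] = statements
    return new_policy, True

if __name__ == "__main__":
    # Constructed sample: an existing policy with a single read-only statement.
    sample = {"Version": "2012-10-17", "Statement": [{
        "Sid": "AllowRead", "Effect": "Allow", "Principal": "*",
        "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket-name/*"}]}
    updated, changed = ensure_ssec_deny(sample, "example-bucket-name")
    print(json.dumps(updated, indent=2))
```

The resulting document can be pasted into the bucket policy editor in the S3 console, or applied with boto3's put_bucket_policy using json.dumps(updated) as the Policy argument.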
The attack is described in more detail here and the mitigation here.
If you need assistance updating your S3 policy we are ready to help.