Ido Safruti is the Founder and CTO at PerimeterX, a provider of behavior-based threat protection for the web, cloud and mobile.
Harried SREs and DevOps teams are tasked with managing increasingly complex web applications. More and more, that means tending a growing thicket of cloud services, third-party software and third-party libraries, all of which must be configured or managed to some degree. So it’s no surprise that Verizon’s 2020 DBIR highlighted misconfiguration errors as the fastest-growing source of data breaches.
This trend has been duly noted by multiple Magecart gangs, in particular with regard to Amazon S3 storage buckets. In truth, though, S3 is but one of many types of shared resources that Magecart gangs could potentially target in future attacks. More broadly, shared resources within an organization are becoming premium targets for bad actors who want to damage more than one web application at a time, turning the internal efficiency efforts of app companies into economies of scale for Magecart attacks. These attacks on shared resources can scale widely (some of the S3 attacks have been “spray and pray”) and result in millions of dollars in damages per instance of compromise.
Why Magecart Gangs Target S3 And Other Common Services
*** This is a Security Bloggers Network syndicated blog from PerimeterX Blog authored by PerimeterX Blog. Read the original post at: https://www.perimeterx.com/resources/blog/2020/misconfiguration-errors-are-a-magecart-delight/