Microsoft Releases Second Version Threat Matrix for Storage Services
Just last week, Microsoft announced the release of their second version threat matrix for storage services. This tool assists in identifying and analyzing potential security threats on data stored in cloud storage services. Their original version was released in April 2021.
Cloud storage accounts have been a target for cybercriminals for several reasons and the updated threat matrix provides better coverage of the attack surface by detailing several new initial access techniques. It sheds visibility into the threat landscape by detailing several novel attacks unique to cloud environments, even some not yet observed in real attacks.
Here are some noteworthy techniques covered in the blog:
- Object replication: Allows attackers to maliciously misuse the object replication feature in both directions by either using outbound replication to exfiltrate data from a target storage account or by using inbound replication to deliver malware to the target account.
- Operations across geo replicas: Helps attackers evade defenses by distributing operations across geographical copies of storage accounts. Security solutions may only have visibility into parts of the attack and may not detect enough activity in a single region to trigger an alert.
- Static website: Allows attackers to exfiltrate data using the “static website” feature, a feature provided by major storage cloud providers that can often be overlooked by less experienced users.
You can read the latest version of the matrix here: https://aka.ms/storageservicesthreatmatrix
The amount of data stored in the cloud is going to continue to grow exponentially, so is the need for robust security measures to protect it. 2W Tech relies on Microsoft Defender for Cloud to help detect and mitigate threats. Microsoft’s products are powered by Microsoft Threat Intelligence and behavior modeling to detect any unusual activity. Give the team at 2W Tech a call today to learn more about how to best protect your business from outside threats and cyberattacks.
Read More: