CypherCon 2022

How Ransomware Can Follow You to the Cloud

Kat Traxler


Ransomware is a financially motivated crime.  The goal is to inhibit business system in order to extract a payment.  Historically, there’s been plenty of financial gain from ransoming data as it resides in traditional onPrem systems.  So the question is, will there be evolutionary pressure on attackers – forcing them to evolve tactics?

In this talk I will be demo-ing strategies threat actors might employ to affect availability of business data in the cloud.  

I will be showcasing:
– How ransomware can target IaaS environments, specifically in AWS
– Highlighting the signals ransomware in the cloud might exhibit before encryption
– Ways attackers can compromise availability of S3
– Strategies for threat detection and risk mitigation of your AWS environment

Kat Traxler

Midwest Hacker

Kat Traxler is a Security Professional in the Twin Cities performing penetration testing, security architecture and research in the areas of Web Security, IAM, Payment Technologies and Cloud Native Technologies. She has been a proud SANS facilitator since 2016 and currently holds GIAC-GSEC, GIAC-GCWN and GIAC-GDAT certifications. Kat Traxler is obsessed with the attack surface at the confluence of Identity and Cloud Platform APIs and thinks you should be too.