News | Cloud Storage Security

In recent months, the release of applications such as OpenAI’s ChatGPT have caused a global spike in the popularity of generative artificial intelligence (AI) technologies. As the value AI provides continues to be showcased and proven, IT industry leaders such as Amazon Web Services (AWS) have invested large amounts of time and money into developing and integrating generative AI into their internal processes and offerings.  

While generative AI creates the opportunity to optimize business operations such as cloud computing, content creation, and even software development, the general availability of generative AI also makes it a tool with almost unlimited skills and knowledge accessible to anyone with an internet connection, including bad actors.

AWS-managed storage services such as Amazon Simple Storage Service (Amazon S3) and Amazon Elastic Block Store (Amazon EBS) are often the data store of choice for applications and data ingestion workflows.  

Amazon Simple Storage Service (Amazon S3) is widely used to run cloud-native applications, build data lakes, archive data, and backup critical data. In fact, it houses over 200 trillion objects, making it an appealing attack vector.

As cybercriminals develop more sophisticated malware they also develop new targets and new ways of distributing it. In addition to focusing on securing traditional avenues and existing security layers, you need to consider the security of the data that runs through Amazon S3.

Amazon Simple Storage Service (Amazon S3) launched over 16 years ago and today houses over 200 trillion objects making it one of the most successful services provided by AWS. Organizations use Amazon S3 to build data lakes, run cloud-native applications, backup and restore critical data, and archive data at low cost. Amazon S3's popularity has made it the center pin of cloud computing. This popularity has opened the door to advanced threats such as malware, ransomware, viruses, worms, trojans, and more.

If you ingest files into Amazon S3 from third-party sources that can eventually enter an environment where they become executable, you're opening the door to malicious payloads. Learn how to protect your users, customers and partners from ransomware, viruses, trojans and more during this detailed and technical event - Antivirus For Amazon S3 Workshop: Malware Scanning For Application Workflows.  This article includes links to register as well as what's being covered and who would benefit most from attending. 

AWS celebrated 16 years since the launch of Amazon S3 with AWS Pi Day on March 14, 2022. Since the beginning of the year, some incredible announcements have been made including improvements to file integrity, the new Glacier Instant Retrieval storage class, general availability of AWS Backup, and much more. With over 200 trillion files being stored (that’s 29,000 files per person on earth) and more than 100 million requests per second for files, S3 is used now more than ever. However, there’s still one aspect of storage security that continues to be overlooked — the topic of antivirus scanning.

It is well known that malware can disrupt the availability of critical assets and data, impairing an organization’s ability to operate. It is key that organizations remain vigilant and defend against malware across all potential entry points.  

Recently, the United States Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) released a joint cybersecurity advisory to raise awareness regarding destructive malware and provide preventative recommendations.

Customer Challenge

As a fast-growing learning management solution, MindEdge was receiving a growing number of questions from existing and potential customers about their security practices. MindEdge determined that the best route for elevating customer confidence was to achieve SOC 2 compliance. While preparing their roadmap for making their system and processes SOC 2 compliant, they found themselves in need of additional security controls to ensure that objects stored and shared from Amazon S3 buckets were scanned and clean from malware. The team identified three main requirements that needed to be met:

Customer Challenge

ADEC Innovations hosts an application on AWS that collects environmental data, charts, and assets from public sources and aggregates these resources as elements in a pdf report for environmental professionals. The reports are stored in Amazon S3 buckets and delivered to customers via automated email.

Occasionally, customers would report that the delivery of the file had been blocked by their firewall or that the local device’s endpoint solution warned the user of potential malicious code embedded in the report.

Antivirus for Amazon S3 was built because our founders realized cloud application workflows that use Amazon S3 have become a massive attack vector. This is especially true for workflows that ingest third party files, store them in S3 and then share them downstream.