Amazon Simple Storage Service (Amazon S3) is an object storage service that stores data (files, images, etc.) and can be thought of, in simple terms, as a cloud drive.
Customers of all sizes and industries can use Amazon S3 to store and protect any amount of data for a range of use cases, such as data lakes, websites, mobile applications, backup and restore, archive, enterprise applications, IoT devices, and big data analytics. There is a lot to lose for these customers if S3 is compromised, and it is therefore important that S3 and the objects stored in it are protected.
S3 buckets are object stores for files in the numerous scenarios mentioned above, so it is important to secure every bucket to prevent sensitive data from being lost or falling into the hands of malicious users. Furthermore, if access to a bucket is compromised, attacks such as ransomware and malware can potentially be launched from within. It is also possible that, via a compromised bucket, a hacker can gain access to other cloud resources, further expanding the impact. Financial and reputational losses are a direct consequence of such a compromise.
Some of the reasons why S3 buckets are prone to misconfiguration are manual provisioning, in-life changes, large-scale/high-frequency deployments and low security awareness.
Examples of such misconfigurations: encryption disabled, public access (read and write) enabled, SSL not enabled (insecure access), backup not enabled (low data availability), and audit trail and logs disabled.
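
The misconfigurations listed above can be checked mechanically. The following is an added example, not code from the original page: it audits one bucket's settings, passed as a dict whose keys and finding names are hypothetical and whose values mirror the inner structures returned by the S3 GetBucketEncryption, GetPublicAccessBlock, GetBucketPolicy, GetBucketVersioning and GetBucketLogging APIs. Versioning is assumed to stand in for "backup", and the sample settings are constructed.

```python
import json

def _as_list(v):
    return v if isinstance(v, list) else [v]

def enforces_tls(policy_json):
    """True if a Deny statement matches requests with aws:SecureTransport = false."""
    policy = json.loads(policy_json) if policy_json else {}
    for st in _as_list(policy.get("Statement", [])):
        vals = _as_list(st.get("Condition", {}).get("Bool", {}).get("aws:SecureTransport", []))
        if st.get("Effect") == "Deny" and "false" in [str(v).lower() for v in vals]:
            return True
    return False

def audit_bucket(cfg):
    """Return finding IDs (hypothetical names) for one bucket's settings."""
    findings = []
    rules = cfg.get("encryption", {}).get("Rules", [])
    if not any(r.get("ApplyServerSideEncryptionByDefault") for r in rules):
        findings.append("encryption-disabled")
    pab = cfg.get("public_access_block", {})
    flags = ("BlockPublicAcls", "IgnorePublicAcls", "BlockPublicPolicy", "RestrictPublicBuckets")
    if not all(pab.get(f) for f in flags):  # all four must be on to block public access
        findings.append("public-access-not-blocked")
    if not enforces_tls(cfg.get("policy")):
        findings.append("tls-not-enforced")
    # Assumption: versioning stands in for the page's "backup" item.
    if cfg.get("versioning", {}).get("Status") != "Enabled":
        findings.append("versioning-disabled")
    if "LoggingEnabled" not in cfg.get("logging", {}):
        findings.append("access-logging-disabled")
    return findings

# Constructed sample settings (not from a real account).
WEAK = {"encryption": {}, "public_access_block": {"BlockPublicAcls": True},
        "policy": None, "versioning": {"Status": "Suspended"}, "logging": {}}
HARDENED = {
    "encryption": {"Rules": [{"ApplyServerSideEncryptionByDefault": {"SSEAlgorithm": "aws:kms"}}]},
    "public_access_block": {"BlockPublicAcls": True, "IgnorePublicAcls": True,
                            "BlockPublicPolicy": True, "RestrictPublicBuckets": True},
    "policy": json.dumps({"Version": "2012-10-17", "Statement": [{
        "Effect": "Deny", "Principal": "*", "Action": "s3:*",
        "Resource": ["arn:aws:s3:::example-bucket", "arn:aws:s3:::example-bucket/*"],
        "Condition": {"Bool": {"aws:SecureTransport": "false"}}}]}),
    "versioning": {"Status": "Enabled"},
    "logging": {"LoggingEnabled": {"TargetBucket": "example-log-bucket", "TargetPrefix": "s3/"}},
}

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit_bucket(cfg))
```

The TLS check only looks for the Deny-on-insecure-transport condition; it does not verify that the statement covers every principal, action and resource.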