Coursera Spring Sale
40% Off Coursera Plus Annual!
Grab it
Explore a hypothetical but realistic supply-chain attack scenario in this DEF CON 33 conference talk that examines how compromised AWS S3 buckets could have led to one of the largest cyber attacks in history. Delve into the anatomy of a crypto worm attack that could have targeted over 100 organizations worldwide, affecting approximately 28,000 hosts across 158 countries, including nation-state assets, major banks, and tech companies. Learn how security researcher Maksim Shudrak prevented this catastrophic scenario by identifying and claiming 5,155 vulnerable, abandoned AWS S3 buckets before malicious actors could exploit them. Discover how adversaries equipped with big data analysis tools and custom LLM-agents could automate and scale such attacks to unprecedented levels. Examine nine concrete stories that illustrate potential victim profiles and attack vectors, while gaining statistical insights into the scope of this threat. Understand the remediation actions and preventive measures that organizations and cloud providers can implement to eliminate these risks permanently and protect against similar supply-chain vulnerabilities in the future.
