catalog logoThe IAM Privilege Catalog

risks / Data encryption

Description

Allows an attacker to encrypt data within a system. This can be used to either make data permanently inaccessible, or extort compensation for access to the encryption key, in the case of ransomware.

Risk: CRITICAL

Exploited in isolation, this risk has the potential to disrupt central organizational operations, destroy trust, or create significant liability. Alternatively, this risk gives attackers access to broadly provisioned identities that enable the above impacts (such as root privilege escalation risks).

Mitigations

  1. Backup data

Links

  1. https:/​/​attack.mitre.org/​techniques/​T1486/​

Affected Privileges

An attacker may be able to exploit this risk if they gain any of the following privileges:

Google Cloud Platform

cloudfunctions.functions.update
cloudkms.cryptoKeyVersions.destroy
cloudsql.instances.update
logging.buckets.update
logging.settings.update
secretmanager.secrets.update
storage.buckets.update
© 2023–present P0 Security and contributors to the IAM Privilege Catalog