The severity is HIGH due to the potential for misuse of sensitive personal information. The real-world exploitability was demonstrated through a successful ransomware attack that encrypted and copied user data.
ELECQ, an EV charger manufacturer, experienced a ransomware attack on its AWS platform, resulting in the potential exposure of customer contact data including names, email addresses, phone numbers, and home addresses.
Affected Systems
- ELECQ's AWS cloud platform
Affected Versions: All versions used in the compromised infrastructure on March 7
Remediation
- Disable or restrict remote access services such as SSH and Telnet immediately using commands like `sudo systemctl disable ssh`.
- Implement multi-factor authentication for all user accounts that have access to the AWS environment.
- Increase encryption across the network by configuring TLS/SSL on all applicable services.
Stack Impact
The attack impacted AWS cloud infrastructure, potentially affecting services such as S3, RDS, and other AWS managed services. The report does not specify versions.