Unusual Cloud Storage Deletions

Description

Triggered on a large number of deletes from a cloud file storage system. This anomaly looks at the enterprise average for a historical baseline.

Content Mapping

This content is not mapped to any local saved search. Add mapping


Use Case

Insider Threat, Security Monitoring

Category

Account Compromise, IAM Analytics, Ransomware

Alert Volume

Medium

Journey

Stage 4

MITRE ATT&CK Tactics

Impact

MITRE ATT&CK Techniques

Data Destruction

MITRE Threat Groups

APT38
Lazarus Group
Sandworm Team

Data Sources

Audit Trail