{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/tags/knowledge_base/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["AWS Bedrock","AWS Bedrock Knowledge Base"],"_cs_severities":["medium"],"_cs_tags":["aws","bedrock","knowledge_base","deletion","cloudtrail"],"_cs_type":"advisory","_cs_vendors":["AWS"],"content_html":"\u003cp\u003eThis threat brief focuses on the detection of attempts to delete AWS Bedrock Knowledge Bases, which are crucial resources for storing and managing domain-specific information used by AI models within the AWS ecosystem. The deletion of these knowledge bases is detected by monitoring AWS CloudTrail logs for DeleteKnowledgeBase API calls. This activity could signal a malicious actor who has compromised AWS credentials and is attempting to disrupt operations, conceal data access, or degrade AI capabilities. A successful deletion could severely impact model performance and remove critical business context, potentially leading to significant operational disruptions. This analytic specifically looks for the \u0026quot;DeleteKnowledgeBase\u0026quot; event within CloudTrail logs related to the \u0026quot;bedrock.amazonaws.com\u0026quot; service.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003e\u003cstrong\u003eInitial Access:\u003c/strong\u003e The attacker gains unauthorized access to an AWS account, potentially through compromised credentials or exploiting a vulnerability in the AWS environment. (T1078)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePrivilege Escalation:\u003c/strong\u003e The attacker escalates privileges within the AWS account to gain sufficient permissions to manage Bedrock Knowledge Bases. (T1068)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDiscovery:\u003c/strong\u003e The attacker uses AWS APIs or the AWS Management Console to identify existing Bedrock Knowledge Bases within the compromised account. (T1082)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCredential Access:\u003c/strong\u003e The attacker leverages compromised credentials or obtains additional AWS credentials to perform actions in AWS Bedrock. (TA0006)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eImpair Defenses:\u003c/strong\u003e The attacker disables or modifies CloudTrail logging to prevent detection of their activities. (T1562)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eResource Manipulation:\u003c/strong\u003e The attacker executes the \u003ccode\u003eDeleteKnowledgeBase\u003c/code\u003e API call, targeting specific Knowledge Base IDs to remove them from the AWS environment. (T1485)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eImpact:\u003c/strong\u003e The deletion of the Knowledge Base leads to disruption of AI models relying on the knowledge base, data loss, or degradation of AI-driven services.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eThe successful deletion of AWS Bedrock Knowledge Bases can lead to significant disruptions. AI models that rely on the deleted knowledge bases may experience degraded performance or complete failure, impacting business operations. The loss of critical business context stored within these knowledge bases can also hinder decision-making processes and lead to financial losses. The number of victims and the specific sectors targeted would depend on the scope of the compromised AWS account and the usage of Bedrock services.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEnable and monitor AWS CloudTrail logs with specific focus on Bedrock service events, especially the \u003ccode\u003eDeleteKnowledgeBase\u003c/code\u003e event (AWS CloudTrail).\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eDetect AWS Bedrock Knowledge Base Deletion\u003c/code\u003e to your SIEM and tune it for your environment.\u003c/li\u003e\n\u003cli\u003eImplement multi-factor authentication (MFA) for all AWS accounts to mitigate credential compromise (T1199).\u003c/li\u003e\n\u003cli\u003eReview and restrict IAM permissions to limit access to sensitive AWS resources, including Bedrock Knowledge Bases (T1078).\u003c/li\u003e\n\u003cli\u003eInvestigate any detected \u003ccode\u003eDeleteKnowledgeBase\u003c/code\u003e API calls originating from unfamiliar or suspicious sources (Sigma Rule, AWS CloudTrail).\u003c/li\u003e\n\u003cli\u003eImplement an allowlist for expected administrators who regularly manage Knowledge Base configurations and tune the provided detections based on your specific environment (Known False Positives).\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2024-01-03T17:30:00Z","date_published":"2024-01-03T17:30:00Z","id":"https://feed.craftedsignal.io/briefs/2024-01-03-aws-bedrock-knowledge-base-deletion/","summary":"An adversary may delete AWS Bedrock Knowledge Bases, which are resources that store and manage domain-specific information for AI models, to disrupt business operations or remove traces of data access by using the DeleteKnowledgeBase API call.","title":"AWS Bedrock Knowledge Base Deletion Attempt","url":"https://feed.craftedsignal.io/briefs/2024-01-03-aws-bedrock-knowledge-base-deletion/"}],"language":"en","title":"CraftedSignal Threat Feed - Knowledge_base","version":"https://jsonfeed.org/version/1.1"}