Detecting ransomware in Amazon S3 is complex due to the limitations of existing logging tools and the default configurations of AWS services. The article outlines various ransomware techniques, their detection methods, and the necessary logging configurations to improve security against such threats. It also introduces YES3, an open-source tool designed to help identify S3 access issues and enhance ransomware prevention controls.