Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Cloud Security Privacy The Internet

Hundreds of Exposed Amazon Cloud Backups Found Leaking Sensitive Data (techcrunch.com) 16

An anonymous reader quotes a report from TechCrunch: New research just presented at the Def Con security conference reveals how companies, startups and governments are inadvertently leaking their own files from the cloud. You may have heard of exposed S3 buckets -- those Amazon-hosted storage servers packed with customer data but often misconfigured and inadvertently set to "public" for anyone to access. But you may not have heard about exposed EBS snapshots, which poses as much, if not a greater, risk. These elastic block storage (EBS) snapshots are the "keys to the kingdom," said Ben Morris, a senior security analyst at cybersecurity firm Bishop Fox, in a call with TechCrunch ahead of his Def Con talk. EBS snapshots store all the data for cloud applications. "They have the secret keys to your applications and they have database access to your customers' information," he said.

Morris built a tool using Amazon's own internal search feature to query and scrape publicly exposed EBS snapshots, then attach it, make a copy and list the contents of the volume on his system. It took him two months to build up a database of exposed data and just a few hundred dollars spent on Amazon cloud resources. Once he validates each snapshot, he deletes the data. Morris found dozens of snapshots exposed publicly in one region alone, he said, including application keys, critical user or administrative credentials, source code and more. He found several major companies, including healthcare providers and tech companies. He also found VPN configurations, which he said could allow him to tunnel into a corporate network. Morris said he did not use any credentials or sensitive data, as it would be unlawful.

This discussion has been archived. No new comments can be posted.

Hundreds of Exposed Amazon Cloud Backups Found Leaking Sensitive Data

Comments Filter:
  • by Rick Zeman ( 15628 ) on Friday August 09, 2019 @06:26PM (#59072430)

    Another reason to encrypt your EC2 volumes to your own KMS key. Amazon makes it so easy to encrypt anyone who doesn't is foolish.

    • by mi ( 197448 )

      It would've been enough to just set the bucket unreadable anonymously. Accessing an open bucket is not even illegal...

      Backups should be encrypted, yes. With a public key deployed to each of your machines. Amanda [amanda.org] can do it — and has S3 [zmanda.com] as one of the possible "tape" providers.

      If you ever need to restore, you pull the matching secret key out of the vault (or one of the several vaults) and decrypt it.

    • Another reason to encrypt your EC2 volumes to your own KMS key.

      Why even trust just that layer? If it's really a backup, and not something frequently accessed, why isn't it encrypted locally before transmitting to the cloud? It's painfully easy. Anyone can GPG a tar.gz file or use a Veracrypt volume. This is just plain retardedness.

  • It is really a matter of concern that hundreds of exposed amazon cloud backups are found leaking sensitive data and it can cause a huge data breach to us. So I will suggest you be careful and go through https://www.printersrepairnear... [printersrepairnearme.com] to get the details regarding this topic.
  • If you want to make an AMI available to others e.g. through the Community AMI program, they have to be public. How is he differentiating between these and those that were made public by mistake?

You are always doing something marginal when the boss drops by your desk.

Working...