US intel agency leaked classified info via AWS S3

By on
US intel agency leaked classified info via AWS S3

Researchers found virtual hard drive for comms with Pentagon.

A United States joint intelligence agency stored sensitive material on an Amazon Web Services cloud storage facility without any access controls, sparking concerns that classified material may have leaked to unknown parties.

Security vendor Upguard revealed the information leak it discovered in an open AWS Simple Storage Service (S3) bucket belonging to the US Army Intelligence and Security Command (INSCOM).

INSCOM is jointly run by the US Army and the National Security Agency (NSA), and is tasked with collecting intelligence for the American military. 

Upguard found 47 viewable files and folders in the S3 bucket, three of which were downloadable.

One was an Oracle Virtual Appliance file, which Upguard said contained a virtual hard drive and a Linux-based operating system.

The virtual hard drive was likely used to receive US Defence Department data from remote locations, and contained files marked as top secret and NOFORN, meaning they contain sensitive material to be viewed by US eyes only.

The information in the AWS repository was easily accessible through a web browser.

"... the digital tools needed to potentially access the networks relied upon by multiple Pentagon intelligence agencies to disseminate information should not be something available to anybody entering a URL into a web browser," Upguard wrote.

The time and date stamps on the files in the repository are mostly from 2012 and 2013, with the newest being from October 2014. Metadata for the files shows they appear to have been worked on by now-defunct defence contractor Invertix. 

More than 100 gigabytes of data was left unsecured.

Digital keys and hashed passwords for Invertix administrators accesssing distributed intelligence systems were also left on the virtual hard drive.

Earlier this month, Upguard discovered another AWS S3 storage repository that contained what appeared to be internet surveillance data left wide open by the US Department of Defence's Central and Asia-Pacific Commands.

Organisations failing to secure data in AWS S3 buckets has been a recent problem for Amazon, which has issued warnings and tweaked S3 security in a bid to stop any more high-profile leaks.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © . All rights reserved.

Most Read Articles

Log In

  |  Forgot your password?