iTnews
  • Home
  • News
  • Technology
  • Security

US intel agency leaked classified info via AWS S3

By Juha Saarinen on Nov 29, 2017 6:30AM
US intel agency leaked classified info via AWS S3

Researchers found virtual hard drive for comms with Pentagon.

A United States joint intelligence agency stored sensitive material on an Amazon Web Services cloud storage facility without any access controls, sparking concerns that classified material may have leaked to unknown parties.

Security vendor Upguard revealed the information leak it discovered in an open AWS Simple Storage Service (S3) bucket belonging to the US Army Intelligence and Security Command (INSCOM).

INSCOM is jointly run by the US Army and the National Security Agency (NSA), and is tasked with collecting intelligence for the American military. 

Upguard found 47 viewable files and folders in the S3 bucket, three of which were downloadable.

One was an Oracle Virtual Appliance file, which Upguard said contained a virtual hard drive and a Linux-based operating system.

The virtual hard drive was likely used to receive US Defence Department data from remote locations, and contained files marked as top secret and NOFORN, meaning they contain sensitive material to be viewed by US eyes only.

The information in the AWS repository was easily accessible through a web browser.

"... the digital tools needed to potentially access the networks relied upon by multiple Pentagon intelligence agencies to disseminate information should not be something available to anybody entering a URL into a web browser," Upguard wrote.

The time and date stamps on the files in the repository are mostly from 2012 and 2013, with the newest being from October 2014. Metadata for the files shows they appear to have been worked on by now-defunct defence contractor Invertix. 

More than 100 gigabytes of data was left unsecured.

Digital keys and hashed passwords for Invertix administrators accesssing distributed intelligence systems were also left on the virtual hard drive.

Earlier this month, Upguard discovered another AWS S3 storage repository that contained what appeared to be internet surveillance data left wide open by the US Department of Defence's Central and Asia-Pacific Commands.

Organisations failing to secure data in AWS S3 buckets has been a recent problem for Amazon, which has issued warnings and tweaked S3 security in a bid to stop any more high-profile leaks.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
awscloud computinginscomnsas3securityupguard

Partner Content

Security: Understanding the fundamentals of governance, risk & compliance
Promoted Content Security: Understanding the fundamentals of governance, risk & compliance
Avoiding CAPEX by making on-premise IT more cloud-like
Promoted Content Avoiding CAPEX by making on-premise IT more cloud-like
Why Genworth Australia embraced low-code software development
Promoted Content Why Genworth Australia embraced low-code software development
Why rethinking your CMS is crucial for customer retention
Promoted Content Why rethinking your CMS is crucial for customer retention

Sponsored Whitepapers

Free eBook: Digital Transformation 101 – for banks
Free eBook: Digital Transformation 101 – for banks
Why financial services need to tackle their Middle Office
Why financial services need to tackle their Middle Office
Learn: The latest way to transfer files between customers
Learn: The latest way to transfer files between customers
Extracting the value of data using Unified Observability
Extracting the value of data using Unified Observability
Planning before the breach: You can’t protect what you can’t see
Planning before the breach: You can’t protect what you can’t see

Events

  • Forrester Technology & Innovation Asia Pacific 2022
By Juha Saarinen
Nov 29 2017
6:30AM
0 Comments

Related Articles

  • AWS patches 'one bug, three vulnerabilities' authentication error
  • Don't remove PowerShell: US, UK and NZ security agencies
  • US agencies accuse China of attacking telcos and network providers
  • Popular Python and PHP software repo-jacked
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

NSW Police dumps Bezos-backed Mark43 from core systems overhaul

NSW Police dumps Bezos-backed Mark43 from core systems overhaul
Australian court finds insurer not liable for ransomware clean-up costs

Australian court finds insurer not liable for ransomware clean-up costs
NBN Co proposes to axe CVC across all plans by mid-2026

NBN Co proposes to axe CVC across all plans by mid-2026
ADHA extends Accenture's My Health Record support deal for $100m

ADHA extends Accenture's My Health Record support deal for $100m

Digital Nation

Metaverses on the agenda for Dominello, Husic ministerial meeting
Metaverses on the agenda for Dominello, Husic ministerial meeting
Australia will lose 11 percent of jobs to automation by 2040: Forrester
Australia will lose 11 percent of jobs to automation by 2040: Forrester
COVER STORY: How KPMG, Mirvac and ASX use blockchain to build trust in the property sector
COVER STORY: How KPMG, Mirvac and ASX use blockchain to build trust in the property sector
Criteo to fork out $94.7m for consent breaches
Criteo to fork out $94.7m for consent breaches
Domino’s invests in observability for zero contact delivery
Domino’s invests in observability for zero contact delivery
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.