Ben Morris, a senior security analyst at cybersecurity firm Bishop Fox, said that EBS snapshots were another risk. These Elastic Block Store (EBS) snapshots are the "keys to the kingdom".
EBS snapshots store all the data for cloud applications. "They have the secret keys to your applications, and they have database access to your customers' information," he said.
Morris built a tool that uses Amazon's own internal search feature to query and scrape publicly exposed EBS snapshots, then attach each one, make a copy and list the contents of the volume on his system. Building up a database of exposed data took him two months and just a few hundred dollars spent on Amazon cloud resources.
Once he validates each snapshot, he deletes the data. Morris found dozens of snapshots exposed publicly in one region alone, he said, including application keys, critical user or administrative credentials, source code and more.
Among those exposed, he found several significant companies, including healthcare providers and tech companies.
He found VPN configurations, which he said could allow him to tunnel into a corporate network. Morris said he did not use any credentials or sensitive data, as it would be unlawful.
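For account owners who want to check their own exposure to the public-snapshot problem described above, here is an added example (not from the article or from Bishop Fox) that audits snapshot sharing from saved AWS API responses. The function name, the trusted-account allowlist and all sample snapshot and account IDs are constructed for illustration; the input shapes follow the `describe-snapshots` and `describe-snapshot-attribute` responses.

```python
"""Flag EBS snapshots in your own account that are shared publicly or with
accounts you do not recognise. Added example; sample data is constructed."""

def audit_snapshot_sharing(snapshots, permissions, trusted_accounts=frozenset()):
    """snapshots:   items from `aws ec2 describe-snapshots --owner-ids self`
    permissions: snapshot id -> CreateVolumePermissions list returned by
                 `aws ec2 describe-snapshot-attribute --attribute createVolumePermission`
    trusted_accounts: account IDs you intentionally share with (assumption)."""
    findings = []
    for snap in snapshots:
        sid = snap["SnapshotId"]
        grants = permissions.get(sid, [])
        # A grant of {"Group": "all"} means any AWS account can create a volume from it.
        public = any(g.get("Group") == "all" for g in grants)
        external = sorted(g["UserId"] for g in grants
                          if "UserId" in g and g["UserId"] not in trusted_accounts)
        if public:
            fix = ("aws ec2 modify-snapshot-attribute --snapshot-id %s "
                   "--attribute createVolumePermission "
                   "--operation-type remove --group-names all" % sid)
            findings.append({"snapshot": sid, "issue": "public",
                             "accounts": [], "fix": fix})
        elif external:
            fix = ("aws ec2 modify-snapshot-attribute --snapshot-id %s "
                   "--attribute createVolumePermission "
                   "--operation-type remove --user-ids %s" % (sid, " ".join(external)))
            findings.append({"snapshot": sid, "issue": "untrusted-account",
                             "accounts": external, "fix": fix})
    return findings

# Constructed sample input (not real snapshot or account IDs).
SAMPLE_SNAPSHOTS = [
    {"SnapshotId": "snap-0000000000000000a", "Encrypted": False},
    {"SnapshotId": "snap-0000000000000000b", "Encrypted": True},
    {"SnapshotId": "snap-0000000000000000c", "Encrypted": True},
    {"SnapshotId": "snap-0000000000000000d", "Encrypted": False},
]
SAMPLE_PERMISSIONS = {
    "snap-0000000000000000a": [{"Group": "all"}],
    "snap-0000000000000000b": [{"UserId": "111111111111"}],
    "snap-0000000000000000c": [{"UserId": "111111111111"}, {"UserId": "222222222222"}],
}

if __name__ == "__main__":
    for f in audit_snapshot_sharing(SAMPLE_SNAPSHOTS, SAMPLE_PERMISSIONS, {"111111111111"}):
        print(f["snapshot"], f["issue"], f["accounts"], "\n  ", f["fix"])
```

Because snapshots are regional, the input should be collected from every region the account uses before the audit is considered complete.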