
Companies accidentally leaking files from clouds

12 August 2019


Misconfigured Amazon servers

New research just presented at the Def Con security conference reveals how companies, startups and governments are inadvertently leaking their files from the cloud.

Ben Morris, a senior security analyst at cybersecurity firm Bishop Fox, said that another risk was EBS snapshots. These Elastic Block Store (EBS) snapshots are the "keys to the kingdom".

EBS snapshots store all the data for cloud applications. "They have the secret keys to your applications, and they have database access to your customers' information", he said.

Morris built a tool that uses Amazon's own internal search feature to query and scrape publicly exposed EBS snapshots, then attaches each one, makes a copy and lists the contents of the volume on his system. Building up a database of exposed data took him two months and just a few hundred dollars spent on Amazon cloud resources.

Once he validates each snapshot, he deletes the data. Morris said he found dozens of snapshots exposed publicly in one region alone, including application keys, critical user or administrative credentials, source code and more.

Among the owners of the exposed data, he found several significant companies, including healthcare providers and tech companies.

He found VPN configurations, which he said could allow him to tunnel into a corporate network. Morris said he did not use any credentials or sensitive data, as it would be unlawful.
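For teams checking their own exposure to the misconfiguration described above, the following added example (not from Morris or Bishop Fox) audits an account's own snapshots by reading each snapshot's `createVolumePermission` attribute, where a `Group` of `all` means the snapshot is public. The snapshot IDs, account ID and the `trusted_accounts` parameter are constructed for illustration; the live collection step assumes `boto3` and read-only EC2 credentials.

```python
"""Audit your own account's EBS snapshots for public or cross-account sharing."""

# Constructed sample data shaped like EC2 DescribeSnapshotAttribute output;
# the snapshot IDs and the account ID are made up.
SAMPLE_SNAPSHOTS = [
    {"SnapshotId": "snap-0aaa0000000000001", "CreateVolumePermissions": [{"Group": "all"}]},
    {"SnapshotId": "snap-0aaa0000000000002", "CreateVolumePermissions": [{"UserId": "111122223333"}]},
    {"SnapshotId": "snap-0aaa0000000000003", "CreateVolumePermissions": []},
]


def classify(snapshot, trusted_accounts=frozenset()):
    """Return 'public', 'shared-untrusted' or 'private' for one snapshot."""
    perms = snapshot.get("CreateVolumePermissions", [])
    if any(p.get("Group") == "all" for p in perms):
        return "public"  # any AWS account can create a volume from it
    external = {p["UserId"] for p in perms if "UserId" in p}
    if external - set(trusted_accounts):
        return "shared-untrusted"  # shared with an account not on the allow list
    return "private"


def audit(snapshots, trusted_accounts=frozenset()):
    """Map snapshot ID -> finding for every snapshot that is not private."""
    findings = {}
    for snap in snapshots:
        verdict = classify(snap, trusted_accounts)
        if verdict != "private":
            findings[snap["SnapshotId"]] = verdict
    return findings


def fetch_own_snapshots(region):
    """Collect permissions for snapshots owned by the calling account only."""
    import boto3  # imported here so the offline audit runs without it
    ec2 = boto3.client("ec2", region_name=region)
    result = []
    for page in ec2.get_paginator("describe_snapshots").paginate(OwnerIds=["self"]):
        for snap in page["Snapshots"]:
            attr = ec2.describe_snapshot_attribute(
                SnapshotId=snap["SnapshotId"], Attribute="createVolumePermission")
            snap["CreateVolumePermissions"] = attr.get("CreateVolumePermissions", [])
            result.append(snap)
    return result


if __name__ == "__main__":
    for snap_id, verdict in audit(SAMPLE_SNAPSHOTS).items():
        print(snap_id, verdict)
```

Run `audit(fetch_own_snapshots(region))` once per region in use, since snapshots are regional. A `public` finding is cleared by removing the `all` group from the snapshot's `createVolumePermission` attribute.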

Last modified on 12 August 2019