Subscribe to our newsletter to get the latest scoop right into your inbox.
More than 60,000 sensitive US military files have been found on a publicly accessible Amazon server by a security researcher.
Security has been a wary high-brow for cloud adopters. The recent incidence of data breach can reaffirm the ‘Security’ concerns.
Amazon Web Services (AWS) are prime cloud infrastructure providers across the world.
Lately, US military data was found exposed on the server — around 60,000 sensitive US military files publicly accessible, the BBC reported lately citing a security researcher.
The files containing passwords for U.S. government systems and security credentials of a software engineer working under defense contractor Booz Allen Hamilton were discovered by cyber resilience firm UpGuard analyst, Chris Vickery.
They were connected to a project for the U.S. National Geo-Spatial Agency, which works on satellite and drone-based surveillance. Vickery said finding the data wasn’t difficult as it was discovered during a routine search of the Amazon Web Service’s simple storage services Simple Storage Service buckets.
The files contained passwords for US government systems and the security credentials of a senior engineer at defence contractor Booz Allen Hamilton (BAH). They were discovered by Upguard analyst Chris Vickery.
In a statement, BAH said no classified data had been stored on the server.
“We have confirmed that none of those usernames and passwords could have been used to access classified information,” the contractor added.
The files were connected to a project for the US National Geospatial-Intelligence Agency (NGA), which deals with satellite and drone surveillance imagery.
BAH said it believed the incident was the result of “an unintentional mistake”.
“As soon as we learned of this mistake, we took action to secure the areas and alerted our client and began an investigation.
“Our client has said they’ve found no evidence that classified data was involved, and so far our forensics have indicated the same”, the company said.
The finding is peculiar, since Amazon Web Service stores public data and U.S. military data is generally stored on the U.S. government’s servers. The logical surmise would be this might be data given to private contractors working for the government, but still the lack of security protocols is surprising, since surveillance data, if exposed, could endanger the military’s operations abroad.
A generic movie-buff, passionate and professional with print journalism, serving editorial verticals on Technical and B2B segments, crude rover and writer on business happenings, spare time playing physical and digital forms of games; a love with philosophy is perennial as trying to archive pebbles from the ocean of literature. Lastly, a connoisseur in making and eating palatable cuisines.
Vishal Goyal, Senior Manager - Technical Marketing, Analog and MEMS Group, RF, Sensors and A...
Souma Das, Managing Director, Qlik India
Rajesh Shewani, Head, Technology and Solution Architecture, Teradata India
Krishnan Shrinivasan, Managing Director, Lam India
Maninder Singh, Corporate Vice President and Head – Cyber Security and GRC, HCL Technologies
May 29, 2017
Mar 03, 2017
Jul 27, 2017Designed to meet the long lifecycle needs of COTS contractors Artesyn Embedded Technologies launched a powerful new packet processing and high performance server blade, the ATCA-7540, based on dual Intel Xeon Scalable processors (codename Skylake), which were recently announced. Key Nuggets...
Jul 20, 2017Limelight Networks announces establishment of three new Points-of-Presence (PoPs) in India panning across Bombay, Chennai and Delhi. The new PoPs is...
Jul 18, 2017Spirent Communications deep reporting and analytics to check and optimize virtualized infrastructures Spirent Communications announces the release of...