DOD exposes web-monitoring data on unsecured Amazon cloud server: 5 things to know

The U.S. Department of Defense exposed some web-monitoring data on a publicly accessible cloud server, the agency confirmed to CNN Tech via email.

Here are five things to know about the incident.

1. Chris Vickery, a researcher with the security firm UpGuard, discovered the exposed information by searching for keywords on Amazon Web Services' cloud-based data storage units, called S3 buckets. When searching for storage units containing the phrase "com," he identified three buckets stored by the DOD, which were accessible to anyone with an Amazon Web Services account.

2. The buckets contained at least 1.8 billion internet posts corralled from public websites like Facebook, Twitter and YouTube originating from various countries, including the U.S. The posts go back as far as 2009, however, the uploads seemingly began in 2013, and were ongoing when Mr. Vickery identified the storage units. Topics included American history, President Donald Trump and "killer clowns," among others.

3. The motivation behind the web-monitoring data — which is held by U.S. Central Command and U.S. Pacific Command — is unclear, according to Mr. Vickery. Josh Jacques, a spokesperson for U.S. Central Command, told CNN Tech it is "used for measurement and engagement activities of our online programs on public sites," and is "not collected nor processed for any intelligence purposes."

4. The DOD secured the publicly available data after Mr. Vickery alerted them to the issue, according to CNN Tech. Mr. Jacques highlighted the information in the S3 buckets was publicly available online before the agency collected it and that U.S. Central Command uses commercial programs for this type of information collection. "The information we gather is widely available to anyone who conducts similar online activities," he told CNN Tech.

5. In early November, Amazon Web Services said it would add prominent warnings to publicly accessible S3 buckets in an effort to bolster security processes. In the preceding months, security experts had discovered a few high-profile data breaches by companies that failed to establish permission settings. For example, in June, Mr. Vickery found roughly 14 million Verizon customers' records on an unprotected S3 server.

More articles on cybersecurity:
Healthcare industry spends $1.3B each year to address endpoint security attacks
12% of health IT pros increased cybersecurity spending by 50% in 2017, survey finds
Google, UC Berkeley researchers find 27.8% of phishing victims use Gmail

© Copyright ASC COMMUNICATIONS 2019. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

 

Top 40 Articles from the Past 6 Months