The Cause of the Increased Data Leaks from Amazon S3 Storage was Discovered

Sep 26, 2017 | 3:50 pm

Published by | Chandan Singh

Companies often overestimate the security of their cloud storage.Data Leaks,Amazon S3

(Data Leaks,Amazon S3)In recent times, there have been more cases of leaks of confidential data from Amazon S3 servers.For example, recently in the open access was found information of the American mobile operator Verizon.In almost all cases, leaks were related to the human factor – employees of companies and organizations themselves forgot to disable the public access function.That is, anyone who had the required link could view and download data from the cloud storage.

(Cyber Security Companies in India, Cyber Security Course in India)

Companies adhere to the erroneous opinion that if the link is only from employees, then no outsider can access the repository.However, attackers can get it with a MitM attack on the corporate network, bruteforce attacks on domain names in order to identify hidden URLs and other ways.At first glance, the task seems difficult.However, GitHub introduces open source tools that simplify the search for open S3 repositories and endanger many companies.

According to statistics from Skyhigh Networks, 7% of all S3 stores have unrestricted public access, and 35% have no encryption.Judging by the presented data, the problem acquires the character of an epidemic throughout the Amazon S3 infrastructure.