Ads Here

Wednesday, 29 November 2017

The NSA left 100 GB of unprotected confidential data on the network

The North American National Security Agency, NSA has not correctly protected a file with more than 100 GB of confidential data with sensitive information, leaving it on an Amazon Web Services server and without covering the need to generate a password to access it. The National Security Agency has not yet solved its leakage problem.

Serious error of the NSA with your confidential data

This serious error was discovered by Chris Vickery, director of cybersecurity at UpGuard, who alerted authorities in October. According to the expert, accessing this data was "as simple as writing a URL. These data were classified as "top secret" and there were files connected to the US intelligence networks. They are things used to mark people for death and they were available in a URL ", cites the Cnet. Vickery said he had been so incredibly easy to access that when he first discovered it, his first thought was: "Is this real?"

The server was not on the list, but it did not have a password, which meant that anyone who found it could dig into the government's secret documents. It was in the "inscom" subdomain of AWS, an abbreviation for the United States Army Intelligence and Security Command. That is exactly what happened at the end of September of this year.

In this case, the information was available on an unlisted Amazon Web Services server, but it did not need authentication to be able to access it. Among the data, there were documents classified as NOFORN, the acronym that indicates that not even US foreign allies should have access. This gives us an idea of ​​the importance of the information presented to the general public.

This unfavorable situation was generated due to simple human error of the National Security Agency itself, since AWS has options to protect this type of information, but this configuration has not been chosen by whoever has placed the file online .

The data breaches of both AWS and NSA servers have become common in recent years. The poor security in the AWS servers led to the disclosure of data related to the Pentagon, Verizon, Dow Jones and nearly 200 million US voter registrations.

Files and confidential data exposed

The server in question had 47 files that could be accessed, of which three could be downloaded without any problem, thus exposing large amount of sensitive information to the common public. The 100 GB refer to a failed military project in 2013, known as Red Disk and include images of drones, images captured by satellites and several secret reports.

A virtual disk image, essentially the contents of a hard drive belonging to the NSA, was left exposed on a public storage server of Amazon Web Services. The server contained more than 100 gigabytes of data from an Army intelligence project called "Red Disk," according to ZDNet.

The NSA, meanwhile, has suffered notorious leaks that date back to Edward Snowden's complaint in 2013 about the agency's massive surveillance program. Since then, thieves have stolen the NSA's hacking tools, and an NSA contractor faced charges after leaking the agency's secrets to the public. Another contractor faces up to 11 years in prison for stealing secret documents.

A very expensive human error

The theft of NSA data can cause serious collateral damage. The massive ransomware attack from WannaCry quickly spread because hackers took advantage of a tool stolen from the NSA. The agency has not yet made any comment about it, however, most of the data could not be accessed without connecting to the Pentagon network, researchers from the security firm said.

ZDNet was able to take a look at some of the files and detected a connection to Red Disk, a cloud-based intelligence system developed by the Army in 2013. Red Disk, a $ 93 million program considered a military failure, was designed to help the Pentagon with soldiers in the field who collected classified reports, satellite images and images of drones. All the data belonged to INSCOM, a division of the Army and the NSA.

"Stated clearly, the digital tools necessary to potentially access the networks that multiple Pentagon intelligence agencies rely on to disseminate information should not be available to anyone who enters a URL in a web browser," UpGuard said in a blog entry. Blog.

No comments:

Post a Comment