Pentagon Accidentally Exposes Web-Monitoring Operation

The Department of Defense accidentally exposed an intelligence-gathering operation, thank you to an online storage misconfiguration.

DOD was reportedly collecting billions of public cyberspace posts from social media, news sites, and web forums and storing them on Amazon S3 repositories. Simply it neglected to make those storage servers private. So anyone with a free Amazon AWS account could browse and download the data, co-ordinate to Chris Vickery, a security researcher at UpGuard.

Vickery noticed the problem in September. "The information exposed in one of the 3 buckets is estimated to contain at to the lowest degree 1.8 billion posts of scraped cyberspace content over the past 8 years," UpGuard said in a Friday written report.

Much of the data was scraped from news sites, web forums, and social media services such equally Facebook and Twitter. The information includes content relating to Iraqi and Pakistani politics and ISIS, merely likewise social media posts made by Americans.

In a Twitter direct bulletin, Vickery told PCMag he "made certain the [storage] buckets we discovered were secured before anything was brought to media attending." However, he has no thought if anyone else, similar malicious parties, ever accessed the information.

DOD didn't immediately respond to a request for comment. But the Pentagon confirmed the accidental leak to CNN.

Why the Defense Section was collecting this information isn't clear. But it certainly raises eyebrows at a time when concerns persist virtually U.s.a. surveillance programs. Information technology also comes as US agencies are struggling on the cybersecurity front. The National Security Bureau, for instance, failed to stop breaches of its ain classified hacking tools.

"Even the most sensitive intelligence organizations are not allowed to sizable cyber risk," UpGuard said in its Fri study.

The Defense Department isn't the only 1 to commit the security slip-upward with AWS cloud storage. Before this yr, UpGuard institute that Verizon and Dow Jones made the same mistake, effectively exposing their private customer data to the public.

Source: https://sea.pcmag.com/news/18311/pentagon-accidentally-exposes-web-monitoring-operation

Posted by: vangorderwhout1940.blogspot.com

Share this post