Recent research published on Monday shows that almost six percent of all Amazon S3 buckets are open to public viewing, while two percent are open to public editing. With the latter, anyone can add, delete or edit the data, and even hold the user’s data for ransom.
The research, carried out by French cyber-security company HTTPCS, updates a previous survey of Amazon S3 buckets from September 2017.
That earlier survey, carried out by the cloud security gurus at Skyhigh Networks, found that 7% of all Amazon S3 storage buckets were publicly accessible.
It was believed at the time that the high number of publicly readable buckets was the main reason for the spikes in reported data breaches.
The new HTTPCS survey scanned a hundred thousand S3 buckets while also checking buckets that had already given full access to the general public. The new scan was carried out after a Bleeping Computer report warned about the potential for abuse of such buckets.
“Twenty percent of public buckets (i.e. 2% of the total) aren’t write-protected, which might lead to data corruption attacks, malware spreading, and even to ransomware attacks, as we could see in 2017 on poorly configured MongoDB databases.” HTTPCS experts discovered that only 5% of the buckets that aren’t write-protected contain no files, which makes the possibility of large-scale attacks all too real.
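The split between publicly viewable and publicly editable buckets can be checked from a bucket's own ACL. The following is an added example, not code from HTTPCS or the original article: it assumes ACLs in the dict shape returned by the S3 GetBucketAcl API, and the bucket names and sample grants are constructed.

```python
# Predefined S3 grantee groups that extend access beyond named accounts.
ALL_USERS = "http://acs.amazonaws.com/groups/global/AllUsers"            # anyone, no AWS account needed
AUTH_USERS = "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"  # any AWS account at all
PUBLIC_GROUPS = {ALL_USERS, AUTH_USERS}

# Bucket ACL permissions grouped by what they let a grantee do.
READ_PERMS = {"READ", "FULL_CONTROL"}            # list the bucket's objects
WRITE_PERMS = {"WRITE", "FULL_CONTROL"}          # create, overwrite, delete objects
ACL_WRITE_PERMS = {"WRITE_ACP", "FULL_CONTROL"}  # rewrite the ACL itself


def classify_acl(acl):
    """Return the set of public exposures found in one GetBucketAcl-shaped dict."""
    findings = set()
    for grant in acl.get("Grants", []):
        grantee = grant.get("Grantee", {})
        if grantee.get("Type") != "Group" or grantee.get("URI") not in PUBLIC_GROUPS:
            continue  # grant to a specific account, not to the public
        perm = grant.get("Permission")
        if perm in READ_PERMS:
            findings.add("public-read")
        if perm in WRITE_PERMS:
            findings.add("public-write")
        if perm in ACL_WRITE_PERMS:
            findings.add("public-acl-write")
    return findings


def audit(buckets):
    """Map bucket name -> sorted findings, keeping only exposed buckets."""
    report = {name: sorted(classify_acl(acl)) for name, acl in buckets.items()}
    return {name: found for name, found in report.items() if found}


# Constructed sample ACLs (hypothetical bucket names, not real data).
SAMPLE = {
    "example-private": {"Grants": [
        {"Grantee": {"Type": "CanonicalUser", "ID": "owner-id-placeholder"}, "Permission": "FULL_CONTROL"}]},
    "example-readable": {"Grants": [
        {"Grantee": {"Type": "Group", "URI": ALL_USERS}, "Permission": "READ"}]},
    "example-writable": {"Grants": [
        {"Grantee": {"Type": "Group", "URI": ALL_USERS}, "Permission": "READ"},
        {"Grantee": {"Type": "Group", "URI": AUTH_USERS}, "Permission": "WRITE"}]},
}

if __name__ == "__main__":
    for bucket, found in audit(SAMPLE).items():
        print(bucket, found)
```

This covers ACL grants only; a bucket policy can also open a bucket to the public and has to be reviewed separately.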
This goes to show the serious security lapse that has been lying dormant, ready to be exploited. Hopefully this will be patched soon; otherwise this whole thing could take a sour turn.
Allowing users not on the Amazon service to access buckets and do with them as they please is quite a big oversight on the company’s part. For a company to have ignored it for this long is quite alarming, especially given the recent activity of hackers on similar services. The time might not be far off when Amazon is under fire. With this now common knowledge, that time seems closer still.