{"id":11963,"date":"2018-02-26T13:16:30","date_gmt":"2018-02-26T12:16:30","guid":{"rendered":"http:\/\/www.devopsonline.co.uk\/?p=11963"},"modified":"2018-02-28T15:34:44","modified_gmt":"2018-02-28T14:34:44","slug":"researcher-finds-misconfigured-s3-buckets-common-problem-aws-users","status":"publish","type":"post","link":"https:\/\/devopsnews.online\/researcher-finds-misconfigured-s3-buckets-common-problem-aws-users\/","title":{"rendered":"Researcher finds misconfigured S3 buckets are a common problem for AWS users"},"content":{"rendered":"
According to security researcher Kevin Beaumont, misconfigured S3 buckets are a common problem amongst Amazon Web Services (AWS) users.<\/p>\n
Beaumount\u00a0has\u00a0warned\u00a0that writable S3 buckets accessed by the public could be used by cyber criminals\u00a0for ransomware attacks.<\/p>\n
This is because of the large amount of data that can be stored in S3 buckets.<\/p>\n
In the past six months, documents have been exfiltrated from unprotected S3 buckets belonging to\u00a0Verizon, NSA,\u00a0the US Military and\u00a0Octoly, according to Tech\u00a0Republic<\/em>.<\/p>\n Josh Mayfield, director at enterprise security firm FireMon, wrote in a statement: “AWS will likely see a sizable ransomware attack in the coming months, not due to any flaws in AWS security, but because of misconfigurations.<\/p>\n “There is a persistent belief that since the infrastructure is a ‘service’ (IaaS), then the responsibility falls to the IaaS provider to secure their systems.”<\/p>\n He also noted to Tech Rebulic<\/em> that AWS has gone through “painstaking security development to bring the most robust controls you can have with a public cloud”.<\/p>\n Written by Leah Alger<\/p>\n","protected":false},"excerpt":{"rendered":" According to security researcher Kevin Beaumont, misconfigured S3 buckets are a common problem amongst Amazon Web Services (AWS) users<\/p>\n","protected":false},"author":12,"featured_media":11964,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"content-type":"","pmpro_default_level":"","footnotes":""},"categories":[1158],"tags":[806,771,2569,1074,2571,2572,1069,2570],"yoast_head":"\n‘Painstaking security development’<\/h2>\n