Security News > 2020 > June > Misconfigured Public Cloud Databases Attacked Within Hours of Deployment

Misconfigured Public Cloud Databases Attacked Within Hours of Deployment
2020-06-10 12:23

Databases - usually in Elasticsearch or AWS S3 buckets, and often containing sensitive data - are frequently left in public Cloud storage without access controls.

The problem is so great that in January 2020, the NSA warned, "Misconfiguration of cloud resources remains the most prevalent cloud vulnerability." Such databases can be accessed, downloaded, or manipulated by anyone who finds them.

The clear implication of Comparitech's honeypot research is that misconfigured public cloud databases are rapidly discovered and attacked by bad actors.

"Many of the misconfigured databases we find are set up for temporary test purposes," explains Bischoff, "So logging might be an afterthought or isn't set up correctly." The users who set up the databases without understanding the need to establish access control are also likely to ignore, or not understand, the need for logging.

Comparitech's honeypot experiment would suggest that more data may be being lost through misconfigured public cloud databases than we are led to believe.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/rS4MWjJnT5Y/misconfigured-public-cloud-databases-attacked-within-hours-deployment