The Recent AWS Leaks and the Human Element

Amazon Web Services

Despite all the cyber security threats swimming around the internet, the biggest liability when it comes to security is still the human element. Over the past two months three major organizations, the Republican National Committee(RNC), Verizon, and Dow Jones & Company, have suffered data leaks. All three of them occurred by using Amazons Web Services(AWS) cloud storage. However, it was not due to lack of security in part of Amazon. Instead, the cause of the leaks was due to poorly configured settings by the organizations mentioned. This shows the amount of attention that needs to be placed in the human element when it comes to InfoSec.

The first instance of the leaks happened at the RNC, where the information of 200 million registered voters was exposed on an open database online. In this case, the leak was not due to a malware campaign, or complex technical oversight. The information of millions of voters was exposed online simply because of an RNC contractor, Deep Root Analytics, uploaded the information onto the cloud without a password.

In the case of Verizon, the data leak happened because of a Verizon vendor, Nice Systems, misconfigured security settings on AWS’s S3 repository. This resulted in the names, phone numbers, and PIN codes of 6 billion customers made readily available online. Luckily, the security issue was spotted early on by cyber security company UpGuard which informed Verizon of the issue. According to a statement from Verizon, no loss or theft of information occurred.

Finally, the most recent leak of information happened at financial publishing firm Dow Jones & Company. In this case, information like names, addresses, emails, and partial credit card numbers of 4 million customers were exposed. Again the reason for this leak happened due to the misconfiguration of AWS S3 settings. The configuration made the data available to anyone who had an Amazon AWS account.

There are two reasons why these mishaps happened on such a major scale. The first and most important reason is the fact that humans make mistakes. This has always been true and will keep being that way for the foreseeable future. As stated in Verizon’s 2017 DBIR report, there are no firewalls for human inattentiveness or alert systems for carelessness. 14% of last years breaches were due to human error or privilege misuse. However, there are procedures that can be implemented in order to help mitigate and contain these errors.

Human Errors Verizon DBIR

Breaches due to human error and privilege misuse. Source: Verizon DBIR 2017.

The second reason, which just happened to exasperate the first one, was the race to get information to the cloud. Having your data stored in cloud services such as AWS offers many benefits in comparison to traditional storage. However, the speed of this migration has left a chasm when it comes to security. Furthermore, when rushed, people are bound to make mistakes as in the case of the companies mentioned above. Data is an organization’s biggest asset, hence when managing it should be handled cautiously in any situation.

Leave a Reply

Your email address will not be published. Required fields are marked *