2017-09-12Kromtech Discovers Massive Elasticsearch Infected Malware Botnet
Kromtech Security Center Releases Tool to Identify and Prevent Data Leaks for Amazon S3 Users Since 2014 The Kromtech Security Center has helped to secure the sensitive data of millions of people from all over the world and identified exposed data from governments, companies, and organizations. A data leak can cause irreparable harm and we believe private data should remain private. Far too often simple human errors can expose sensitive data and the Kromtech Security Center has tried to bring attention to the importance of data security through news and security warnings. Many of our data discoveries have appeared due to a misconfigured Amazon S3 repository. Amazon S3 is reported to store more than 2 trillion objects as of April 2013 and we can only imagine that number has grown substantially in the years since. Much of that data could be leaked online and we want to help secure it before it gets into the wrong hands. Our R&D team has created a free audit tool that anyone can use to identify if their Amazon S3 files are secured or if they are publically available and at risk. Amazon S3 is a popular storage service that is used by many enterprises, governments, and individuals across the globe. The service is fast, scalable and easy to use, but far too often we have seen cases where administrators fail to configure it properly. This usually results in confidential user data or internal data is leaked online to anyone with an internet connection. The free and open sourced Kromtech S3 Inspector is a solution that will help identify security risks and get the data secured through an access audit process. The Danger of a Publically Accessible Amazon S3 Bucket A simple mistake of a misconfigured S3 bucket can result in a massive data leak. This could potentially cause millions of dollars in financial losses and reputational damage. Some companies never recover from such a devastating blow to their business or the trust of their users. The Kromtech Security Center has discovered thousands of S3 services left open for public access in the last several years. Including these major discoveries: - Auto tracking company leaks hundreds of thousands of records online; - Verizon breach; - Global communication software left massive amount of data online; - Indian Credit Services Company Exposed Thousands of Customer Files; - WWE leaks 3 million emails; Why We Developed the Kromtech S3 Inspector Researchers began to see an increase in the number of instances of S3 misconfigurations. Recently we published a detailed guide, which explains how to protect your S3 buckets in detail. However, despite numerous warnings and a never ending cycle of data leaks, it seemed like those who store sensitive data online were not getting the message or unaware of the dangers. We decided to make a Simple tool that can help Amazon S3 users quickly check their S3 buckets for public access. The tool gives users a report that they can then use to shut down any unwanted public access to the S3 buckets and the valuable data they contain. This free tool can provide an extra layer of security so that users can be confident that their data is well-protected and is not accessible or being downloaded by unauthorised users. What next? Kromtech S3 Inspector gives users valuable information they can use to protect their sensitive data from security threats. We hope that by raising public awareness and giving people the tools to quickly check if they are protected from leaks. As responsible members or the cybersecurity community we hope that our hard work and dedication will reduce the occurrences of data leaks and financial, reputational damage, and cyber crimes. We are proud to offer this valuable tool for free and will continue development to include more scanning and security features. We welcome any ideas on improvements or new features to help make the Kromtech S3 Inspector better. Check it out now and feel free to send us your comments and feedback: https://github.com/kromtech/s3-inspector *** Attention - Portions of this article may be used for publication if properly referenced and credit is given to Kromtech Security Center. Do you have security tips or suggestions? Contact: email@example.com
Subscribe for the latest security news and discoveries
Thank you for subscribing to our Newsletter. To finish the subscription process, please visit your email.