100 GB of US Army Red Tape Classified Leaked - Yet Another NSA & Pentagon Shocker!

Following the Wikileaks in 2013 by Edward Snowden an Ex NSA agent there have been multiple leaks thanks to contractors, NSA’s own employees or some security bad practices. In a latest of what seems like an endless stream of confidential and potentially devastating leaks. Recently Chris Vickery, a Cyber Security Expert has revealed that over 100 GBs of data from an Army intelligence program codenamed Red Disk was left unprotected. 
The disk image belongs to the US Army’s Intelligence and Security Command (INSCOM), which is a division of both the Army and the NSA. While the Amazon Web Services storage server was unlisted, it was public and without a password, leaving the data out in the open for anyone to download.  Vickery had apparently informed the government of this “breach” in October, after which the server was secured. It can’t be known who might have downloaded this data before it was secured. Researchers said that private keys used to access intelligence systems and hashed passwords were also left publicly exposed. These, if accessed by malicious hackers, "could be used to further access internal systems". "The news about US Army intelligence data being leaked through a misconfigured AWS S3 storage bucket, while alarming, is not surprising. More than half (53%) of organisations have accidentally exposed cloud storage services, including the information they contain, to the general public due to simple configuration errors," says Cyber Defence Expert.

No comments