News

US Military Spying Archive Left Open in Amazon Web Service

Here’s a lesson why hiring the lowest bidder usually is not the brightest idea. The US military just got caught with their pants down, leaving terabytes of data wide open. Found on Amazon Web Service S3 buckets, the data contains social media spying archives and other sensitive data. These are all gathered information by the US military to identify and profile various persons of interest.

Zero Effort Put in Security

Chris Vickery, UpGuard’s veteran security-breach hunter found the archives during a routine scan of open Amazon data silos. The data is wide open and there is no effort in security. In fact the buckets have names like centcom-backup, centcom-archive and pacom-archive directly. Centcom is abbreviation for US Central Command, while Pacom stands for Pacific Command. PACOM involves the US’ operations in Asia, China and Australasian region.

Vickery said he took 400GB of samples but “there were many terabytes of data up there”. The text archives are actually under compression. So extracting them would actually magnify the size by a factor of ten. Which means the data is significantly larger than it already appears. Dozens and dozens of terabytes, according to Vickery’s own estimate.

One of the buckets has 1.8 billion social media posts that are 8 years worth. These are from central Asia and includes comments from American citizens. The database appear to show that this is part of a social media and influencing campaign. The target of which are overseas youth to counter terrorism.

While the program itself is not questionable, the security effort in place protecting it is. Amazon actually has protections in place so that these kinds of cock-ups don’t happen. Including full folder encryption, yellow warning lights for open buckets, and tighter access controls. However, Vickery says these security features are relatively new and in place after the discovery.

This is certainly one of the most glaring displays of incompetence there is in recent memory. Which makes one wonder how many so-called sensitive government information is not secure out there. It is very easy to find even for anyone not looking. It is especially risky with several states ramping up cyber attacks and accelerating frequency of data breaches.

Ron Perillo

Disqus Comments Loading...

Recent Posts

Nvidia’s GeForce RTX 5090 Possible Price Revealed

According to a new report, the GeForce RTX 5090 GPU will be very expensive. It…

4 hours ago

AMD Krackan Processor with 6 Zen 5 and Zen 5c Cores for Budget AI Laptops Leaked

A new AMD processor in the form of an engineering model has been leaked in…

4 hours ago

SK Hynix Begins Production of First 321-Layer NAND Chips

SK Hynix has claimed to be the first company to mass-produce 321-layer NAND memory chips.…

4 hours ago

Trust Gaming GXT 609 Zoxa 2.0 PC Speakers

SOUNDS GREAT – Full stereo sound (12W peak power) gives your setup a booming audio…

8 hours ago

PowerA Wired Controller for Nintendo Switch

Special Edition Yoshi design Ergonomic controller shape with Nintendo Switch button layout Detachable 10ft (3m)…

8 hours ago

Logitech G Saitek PRO Flight Rudder Pedals

Fluid Motion: These flight rudder pedals are smooth and accurate that enable precise control over…

8 hours ago