Five percent of AWS set to “world read”
“Want to modify our S3 records? Have at it. Want to inject malicious code? Even better”
An increase in organisations’ use of cloud services to store sensitive information and a greater reliance on collaboration services for more effective working are posing a security risk, says a McAfee cloud report.
The cybersecurity company said it identifies 2,269 misconfiguration incidents per month, in which information is unwittingly made freely available.
The security firm analysed millions of events of anonymous customers for its Cloud Adoption and Risk Report. It found that 21 percent of all files in the cloud contain sensitive data, up 17 percent over the past two years.
McAfee said the risk of exposure increases with the need for improved fluidity between devices at work: “Collaboration means sharing, and that sharing can lead to the loss of our sensitive data.”
Sharing sensitive data with an open, publicly accessible link has increased by 23 percent over the past two years, McAfee said.
14 percent of cloud files containing data are shared to personal email addresses, and 12 percent to anyone with a link – two “red flags”.
“Anyone using a corporate cloud account and sending data to a personal email address is invariably removing that data from any oversight by the information security team.
“Even worse however is data shared to anyone with an open link, potentially leading to uncontrollable sprawl of data to completely unknown individuals and organisations.”
An average organisation generates more than 3.2 billion unique transactions in cloud services each month, such as user login, the uploading of files, or document editing.
Organisations also experience 12.2 incidents each month where an unauthorised third party has used stolen account credentials to access corporate data stored in the cloud.
Enterprise vs Consumer Cloud at Work
McAfee revealed that an average company’s cloud use is made up of 70 percent enterprise services and 30 percent consumer services – and the majority of consumer cloud use at work comes in the form of social media.
Office 365 is the top enterprise cloud service by user count, followed by Salesforce and Cisco WebEx.
Office 365’s increased popularity has resulted in a larger increase in sensitive data flowing through cloud-based email – one of the easiest vectors for data loss.
On the consumer side, the top 10 cloud services were Facebook, YouTube, Gmail, Twitter, LinkedIn, Apple iCloud, Google Drive, Dropbox, Skype, and WhatsApp.
Facebook is still the most commonly used social media app at work, followed by Twitter and LinkedIn.
5% of AWS Storage set to “World Read”
The McAfee cloud report also said enterprises using IaaS/PaaS have 14 misconfigured services running at any given time — resulting in an average of 2,269 misconfiguration incidents per month.
The report estimates that around 5.5 percent of all AWS S3 storage instances are set to “world read”.
This means that anyone with the address of the S3 bucket would be able to access the bucket’s contents.
“On average, we see that enterprise organisations have at least 1 AWS S3 bucket set with ‘open write’ permissions, giving anyone in the world access to inject their own data into our environments.
“Want to modify our S3 records? Have at it. Want to inject malicious code? Even better. This one is an open book (literally), and needs to be checked and shut down both for the S3 buckets we own and the ones from third and fourth parties,” McAfee added.
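One way to run the check the report calls for, as an added example that is not from McAfee or the original article: it flags “world read” and “open write” grants in bucket ACLs. It assumes each ACL is a dict in the shape boto3's `get_bucket_acl` returns; the bucket names and ACLs are constructed sample data, and it covers ACL grants only, not bucket policies.

```python
# Added example: flag S3 ACL grants that expose a bucket to everyone.
# Group URIs are the predefined Amazon S3 grantee groups.
ALL_USERS = "http://acs.amazonaws.com/groups/global/AllUsers"
AUTH_USERS = "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"
PUBLIC_GROUPS = {ALL_USERS: "anyone", AUTH_USERS: "any AWS account"}

READ_PERMS = {"READ", "FULL_CONTROL"}
# WRITE_ACP lets the grantee rewrite the ACL, so it is treated as write access.
WRITE_PERMS = {"WRITE", "WRITE_ACP", "FULL_CONTROL"}


def audit_acl(bucket, acl):
    """Return findings for one bucket given a GetBucketAcl-shaped dict."""
    findings = []
    for grant in acl.get("Grants", []):
        grantee = grant.get("Grantee", {})
        if grantee.get("Type") != "Group":
            continue  # grants to a specific account are not public
        audience = PUBLIC_GROUPS.get(grantee.get("URI"))
        if audience is None:
            continue  # some other group, not a public audience
        perm = grant.get("Permission")
        if perm in WRITE_PERMS:
            findings.append((bucket, "open write", audience, perm))
        if perm in READ_PERMS:
            findings.append((bucket, "world read", audience, perm))
    return findings


def audit_all(acls):
    """acls maps bucket name -> ACL dict. Returns sorted findings."""
    out = []
    for name, acl in acls.items():
        out.extend(audit_acl(name, acl))
    return sorted(out)


# Constructed sample data (hypothetical bucket names), not real buckets.
SAMPLE_ACLS = {
    "example-private": {"Grants": [
        {"Grantee": {"Type": "CanonicalUser", "ID": "owner-id-placeholder"},
         "Permission": "FULL_CONTROL"}]},
    "example-downloads": {"Grants": [
        {"Grantee": {"Type": "Group", "URI": ALL_USERS}, "Permission": "READ"}]},
    "example-uploads": {"Grants": [
        {"Grantee": {"Type": "Group", "URI": ALL_USERS}, "Permission": "WRITE"}]},
}

if __name__ == "__main__":
    for finding in audit_all(SAMPLE_ACLS):
        print(finding)
```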
Data use and Deletion
Of the 25,000 cloud services in use, only 8 percent meet McAfee’s data security and privacy requirements.
Only 37.3 percent of providers specify that customer data is owned by the customer — the rest either claim ownership over all data uploaded, or don’t specify.
13.3 percent of providers delete data immediately on account termination. The rest keep data up to one year.