Summary: A study by watchTowr reveals that numerous abandoned AWS S3 buckets, previously utilized by military and government entities, pose serious security risks by remaining accessible to malicious actors. The report highlights that these buckets still receive millions of requests, potentially allowing hackers to exploit sensitive data. The findings emphasize the need for better infrastructure management and preventative measures to address the dangers of abandoned resources.
Affected: Military organizations, government entities, cybersecurity companies
Keypoints :
- Over 150 abandoned S3 buckets received more than 8 million HTTP requests in two months, remaining vulnerable to attacks.
- The research emphasized the inherent security risks related to abandoned cloud infrastructure and the potential for malfeasance using outdated resources.
- WatchTowr’s CEO suggested AWS could improve security by preventing the re-registration of previously used bucket names to eliminate the issue of abandonment.
Source: https://therecord.media/researchers-warn-of-risks-tied-to-abandoned-cloud-storage-buckets