A virtual disk image belonging to the NSA - essentially the contents of a hard drive - was left exposed on a public Amazon Web Services storage server.
According to UpGuard, a virtual hard drive and Linux-based operating system were discovered on the leaky server, and though the researchers seemed unaware of its exact goal, the company speculated it may be used to remotely access Defence Department data.
Earlier this month, researchers at UpGuard reported that United States military intelligence gathering data had been stored on a misconfigured Amazon Web Services S3 server that wasn't password protected and was publicly viewable. Of course, the issue isn't that security firms are digging up these unprotected pockets of classified material, it's that we have no way of knowing who else is.
Chris Vickery of UpGuard located the data and informed the government in October, and the server was secured soon after.
Google changes its blasphemous ways with a proper burger emoji
Emojipedia website states that the hamburger emoji was approved in Unicode 6.0 back in 2010 and was added in Emoji 1.0 in 2015. After outcry earlier this year regarding Google's emojis on Android, specifically around its version of a cheeseburger.
Nonetheless, the metadata of files stored on the virtual hard drive allowed researchers to determine the SSD image held troves of highly sensitive files, some of which were classified with the TOP SECRET and NOFORN (NO FOReign Nationals) security classifiers. The three downloadable files exposed national security data, some of which were "explicitly classified".
There was information on an Army program that's created to supply soldiers with real-time intelligence on the battlefield, as well as a virtual hard drive, and a Linux-based operating system that may have been created to send and receive classified information.
The virtual snapshot also included other sensitive files such as private keys for the system to access other servers on the internal network of the intelligence agency.
More worryingly, the database also contained details about the Red Disk, which is a cloud intelligence platform owned by the Defence Department and is partially integrated into the Pentagon's DCGS-A program. ZDNet reported that Red Disk was created to complement the US Army's legacy intelligence, surveillance and reconnaissance-sharing platform - the Distributed Common Ground System (DCGS). The servers leaking confidential data are typically misconfigured by the clients. However, the system was reportedly slow, hard to use and would crash often.
Senate urges FG investigates, protects Nigerians from Libyan slavery auctions
Tackling this problem and bringing perpetrators to justice is "closely linked" to progress on ending Libya's political crisis, he said.
The project has since been discontinued, with reports noting it crashed a lot and hindered solider operations leading to Red Disk never getting fully deployed.
"Regrettably, this cloud leak was entirely avoidable", O'Sullivan added. "Given how simple the immediate solution to such an ill-conceived configuration is [.] the real question is, how can government agencies keep track of all their data and ensure they are correctly configured and secured?"
In the latest edition of "uh oh, we left that just sitting out in the open", a batch of NSA and Army files were discovered on a cloud storage server with no password protection, accessible to anyone with the URL.
Mostly sunny skies set for your Wednesday
Another cold front brings a chance for some accumulating snowfall Friday with another ridge of high pressure moving in Saturday . The normal high temperature for this time of year in the Harrisburg area is 48, the normal low is 31.