Secret US Army Data Possibly Found on Public Server

Share

A virtual disk image belonging to the NSA - essentially the contents of a hard drive - was left exposed on a public Amazon Web Services storage server.

According to UpGuard, a virtual hard drive and Linux-based operating system were discovered on the leaky server, and though the researchers seemed unaware of its exact goal, the company speculated it may be used to remotely access Defence Department data.

Earlier this month, researchers at UpGuard reported that United States military intelligence gathering data had been stored on a misconfigured Amazon Web Services S3 server that wasn't password protected and was publicly viewable. Of course, the issue isn't that security firms are digging up these unprotected pockets of classified material, it's that we have no way of knowing who else is.

Chris Vickery of UpGuard located the data and informed the government in October, and the server was secured soon after.

Robots could destroy 73 million jobs in USA by 2030
Up to 800 million people-including a third of the work force in the USA and Germany-will be made jobless by 2030, the study says.

Nonetheless, the metadata of files stored on the virtual hard drive allowed researchers to determine the SSD image held troves of highly sensitive files, some of which were classified with the TOP SECRET and NOFORN (NO FOReign Nationals) security classifiers. The three downloadable files exposed national security data, some of which were "explicitly classified".

There was information on an Army program that's created to supply soldiers with real-time intelligence on the battlefield, as well as a virtual hard drive, and a Linux-based operating system that may have been created to send and receive classified information.

The virtual snapshot also included other sensitive files such as private keys for the system to access other servers on the internal network of the intelligence agency.

More worryingly, the database also contained details about the Red Disk, which is a cloud intelligence platform owned by the Defence Department and is partially integrated into the Pentagon's DCGS-A program. ZDNet reported that Red Disk was created to complement the US Army's legacy intelligence, surveillance and reconnaissance-sharing platform - the Distributed Common Ground System (DCGS). The servers leaking confidential data are typically misconfigured by the clients. However, the system was reportedly slow, hard to use and would crash often.

Senate urges FG investigates, protects Nigerians from Libyan slavery auctions
Tackling this problem and bringing perpetrators to justice is "closely linked" to progress on ending Libya's political crisis, he said.

The project has since been discontinued, with reports noting it crashed a lot and hindered solider operations leading to Red Disk never getting fully deployed.

"Regrettably, this cloud leak was entirely avoidable", O'Sullivan added. "Given how simple the immediate solution to such an ill-conceived configuration is [.] the real question is, how can government agencies keep track of all their data and ensure they are correctly configured and secured?"

In the latest edition of "uh oh, we left that just sitting out in the open", a batch of NSA and Army files were discovered on a cloud storage server with no password protection, accessible to anyone with the URL.

NBC Fires Matt Lauer Over "Inappropriate Sexual Behavior"
Trump himself faced accusations of sexual harassment from multiple women during the 2016 presidential campaign. Lauer is one of several high profile journalists to be fired after sexual misconduct allegations .

Share