Australia’s national broadcaster Australian Broadcasting Corporation (ABC) has inadvertently exposed sensitive data, including information on production services and stock files held at Amazon’s S3 cloud storage service.
The blunder was reported on 16 November 2017 by Kromtech, a cyber security expert, which attributed the data leak to at least two misconfigured S3 buckets that could be accessed publicly.
According to Kromtech, the leaked data also comprised database backups, along with e-mail addresses, login information and hashed passwords used by ABC Commercial users, including members of the media, to access ABC’s content.
Kromtech said the S3 bucket was indexed by Censys, a search engine backed by internet-wide scanning, giving anyone with an internet connection the ability to browse the leaked data. The incident surfaced during a regular security audit conducted by Kromtech on 14 November 2017.
“It is unclear who else may have had access to ABC’s data or content. A majority of what would be considered sensitive or identifiable data came from the daily backups of ABC Commercial’s MySQL database,” Kromtech said, adding that all affected S3 buckets were successfully secured in minutes.
ABC Commercial is the ABC’s commercial arm that markets and sells ABC’s services and content used by media producers from all over the world in exchange for royalties.
The latest data breach follows an earlier incident in 2013 when an ABC-commissioned forum website was reportedly hacked, exposing data such as usernames and email addresses of some 50,000 users.
More recently in September 2017, Accenture reportedly exposed highly sensitive data about its cloud platform, inner workings, client information and 40,000 plain text passwords, also due to misconfigured S3 storage buckets.
While Amazon has recently introduced new S3 encryption and security features, such as default encryption and permission checks, cyber security experts have said that such data leaks could have been averted if basic cyber security hygiene practices were in place.
Yun Zhi Lin, vice-president of engineering in the Asia-Pacific region at global consultancy Contino, told Computer Weekly that organisations could use more suitable services for storing sensitive data, such as Amazon Web Services (AWS) Parameter Store or Key Management Service. The data could also be protected with server side encryption, and accessible only via virtual private cloud resources.
Raj Samani, chief scientist and fellow at McAfee, said the recent host of data breaches haven’t been caused by malicious actors, but rather by human error. “The reality is that as more companies become focused on their cyber security strategy many are unconsciously shooting themselves in the foot in their efforts to be secure,” he said.
“It is now not unusual for companies to have over 10 security tools to monitor, meaning that unsecured data becomes much harder to spot. The cyber security industry needs to focus on making sure that tools can operate together, removing siloed security teams and making it easier for companies to protect data, detect potential threats, and work to effectively correct them.”