Pentagon left public intelligence gathering data on exposed server
Even intelligence gatherers aren’t immune to making mistakes that leave data wide open. Researchers at UpGuard have revealed that the US military’s Central Command and Pacific Command left “at least” 1.8 billion collected internet posts exposed on a misconfigured Amazon Web Services S3 server. Some of the data goes as far back as 2009. There doesn’t appear to be any private content in the mix, and it’s not clear that malicious intruders accessed it before the Department of Defense locked things down on October 1st (after notification from UpGuard). However, the exposure still raises concerns about both the government’s approach to security and the kind of information it’s collecting.
A large part of the data includes content that you’d expect the military to scrape, such as news articles and social network posts relating to ISIS as well as politics from hotbeds like Iraq and Pakistan. Some of it included social posts from Americans, however, and the discussions included relatively innocuous subjects like American music stars and the Pope. That raises questions about what criteria triggered the data collection (certain keywords, for example) and whether or not its search is overly broad. While it can be important to cast a wide net, this could hurt more than it helps.
And of course, the misconfiguration suggests that officials weren’t diligent in keeping information secure. It might have been public data, but a hostile country could have studied the information to see what the US military was looking for and taken steps to keep its public material under the radar.
The good news: this could be less common going forward. Amazon recently added indicators and other measures to make it patently clear that S3 server data is publicly accessible. Even so, the incident suggests that intelligence collectors may need to rethink their security policies to make sure this kind of exposure can’t happen again.
(38)