Pentagon left public intelligence gathering data on exposed server

Even intelligence gatherers aren’t immune to making mistakes that leave data wide open. Researchers at UpGuard have revealed that the US military’s Central Command and Pacific Command left “at least” 1.8 billion collected internet posts exposed on a misconfigured Amazon Web Services S3 server. Some of the data goes as far back as 2009. There doesn’t appear to be any private content in the mix, and it’s not clear that malicious intruders accessed it before the Department of Defense locked things down on October 1st (after notification from UpGuard). However, the exposure still raises concerns about both the government’s approach to security and the kind of information it’s collecting.

A large part of the data includes content that you’d expect the military to scrape, such as news articles and social network posts relating to ISIS as well as politics from hotbeds like Iraq and Pakistan. Some of it included social posts from Americans, however, and the discussions included relatively innocuous subjects like American music stars and the Pope. That raises questions about what criteria triggered the data collection (certain keywords, for example) and whether or not its search is overly broad. While it can be important to cast a wide net, this could hurt more than it helps.

And of course, the misconfiguration suggests that officials weren’t diligent in keeping information secure. It might have been public data, but a hostile country could have studied the information to see what the US military was looking for and taken steps to keep its public material under the radar.

The good news: this could be less common going forward. Amazon recently added indicators and other measures to make it patently clear that S3 server data is publicly accessible. Even so, the incident suggests that intelligence collectors may need to rethink their security policies to make sure this kind of exposure can’t happen again.

Via: CNN, PCMag

Source: UpGuard

Engadget RSS Feed

Post Author: martin

Martin is an enthusiastic programmer, a webdeveloper and a young entrepreneur. He is intereted into computers for a long time. In the age of 10 he has programmed his first website and since then he has been working on web technologies until now. He is the Founder and Editor-in-Chief of and Online Magazines. His colleagues appreciate him as a passionate workhorse, a fan of new technologies, an eternal optimist and a dreamer, but especially the soul of the team for whom he can do anything in the world.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.