UpGuard’s post on their discovery of the RNC data is trending big time on the netsec subreddit. I highly recommend going to read the post if you want to know what they found. But in a nutshell, it all centers around the misconfiguration of permissions to the AWS S3 bucket where the database was stored.
I would like to say that the carelessness that was shown here is surprising, but unfortunately it’s not anything new. As I get deeper into the cloud, I see more and more parallels from my straight networking days. Permissions have always been an issue with networks in general, and now that Amazon, Microsoft, and other cloud providers are making it so easy to provision resources in the public cloud, the implications of faulty permissions are huge. This is just one example of a slew of problems, but it just so happens to be a VERY BIG example. We’re talking the potential exposure of data on nearly all 200 million US registered voters, plus the inner workings of the GOP in the last election. And no one really knows how long it was out there.
One last thing: when you go read the post, be sure to read the whole thing. Not only does the article talk about what was exposed; it also goes into the implications of that exposure that go beyond just your basic “muh data.” There is some very targeted… almost metadata… about people that is derived from some sophisticated data analytics, which could lead to some very specific targeting. Kinda eerie.
This is a Security Bloggers Network syndicated blog post authored by Michael Farnum. Read the original post at: An Information Security Place