Data exposure reports have reached a dizzying pace in the past few months, and the security community has been focused on the risk from multiple angles. Now, a new study from HTTPCS gives us new insight into rates of vulnerable S3 configurations.
HTTPCS scanned s3.amazonaws.com addresses looking for storage “buckets” and logged data on which were empty, which contained publicly readable files, and critically, which buckets were writable.
Out of the 100,000 buckets found, 10% were public in that they allowed any worldwide user some form of access. This statistic is in line with the previously reported research of public bucket numbers near 7%. Importantly, we now have greater insight into how these public buckets are configured.
58% of the public buckets contained readable files. This means that the potential for a data breach is there, but there are many reasons to have readable files publicly accessible, so this does not tell us the bucket is necessarily vulnerable.
Most crucially, the research shows that 20% of publicly accessible buckets are writable.
Simply put, public read/write access is a devastating vulnerability that gives attackers complete ownership of the S3 bucket.
This is a Security Bloggers Network syndicated blog post authored by Ben Layer. Read the original post at: The State of Security