Itpa webheader

Cybercriminals scanning for exposed AWS data buckets


By Dylan Bushell-Embling
Wednesday, 10 April, 2019


Cybercriminals scanning for exposed AWS data buckets

Cybercriminals are actively scanning the web for weak open AWS cloud data buckets and are ready to respond at a moment’s notice if a weakness is discovered, an experiment from network security company Sophos shows.

Sophos established a series of cloud ‘honeypots’ — designed to masquerade as legitimate poorly secured data buckets to serve as an enticing target for attackers — at 10 AWS data centres around the world, including in Sydney.

These cloud server honeypots were on average attacked within 40 minutes, with one of the honeypots being attacked within just 52 seconds of going live.

During the 30-day period the honeypots were in operation, the 10 servers attracted a combined 5 million attempted attacks.

As well as using a compromised AWS data bucket to exfiltrate data, cybercriminals also use breached cloud servers as entry points for attacks on other servers or networks.

“The aggressive speed and scale of attacks on the honeypots shows how relentlessly persistent cybercriminals are and indicates they are using botnets to target an organisation’s cloud platforms. In some instances, it may be a human attacker, but regardless, companies need a security strategy to protect what they are putting into the cloud,” Sophos Security Specialist Matthew Boddy said.

“The issue of visibility and security in cloud platforms is a big business challenge, and with increased migration to the cloud, we see this continuing.”

Image credit: ©stock.adobe.com/au/thodonal

Please follow us and share on Twitter and Facebook. You can also subscribe for FREE to our weekly newsletter and quarterly magazine.

Information Technology Professionals Association (ITPA) is a not-for-profit organisation focused on continual professional development for its 18,700 members. To learn more about becoming an ITPA member, and the range of training opportunities, mentoring programs, events and online forums available, go to www.itpa.org.au.

Related Articles

Security vs national security

The tug of war over certain companies being allowed to contribute to 5G networks is spilling over...

Half of data held by A/NZ businesses is 'dark'

Half of data held by organisations in Australia and New Zealand remains unclassified or untagged,...

What limits should there be on tracking in public?

Tracking via facial recognition, Wi-Fi and other means is spreading. As IT professionals, what...


  • All content Copyright © 2019 Westwick-Farrow Pty Ltd