Itpa webheader

Cybercriminals scanning for exposed AWS data buckets


By Dylan Bushell-Embling
Wednesday, 10 April, 2019



Cybercriminals scanning for exposed AWS data buckets

Cybercriminals are actively scanning the web for weak open AWS cloud data buckets and are ready to respond at a moment’s notice if a weakness is discovered, an experiment from network security company Sophos shows.

Sophos established a series of cloud ‘honeypots’ — designed to masquerade as legitimate poorly secured data buckets to serve as an enticing target for attackers — at 10 AWS data centres around the world, including in Sydney.

These cloud server honeypots were on average attacked within 40 minutes, with one of the honeypots being attacked within just 52 seconds of going live.

During the 30-day period the honeypots were in operation, the 10 servers attracted a combined 5 million attempted attacks.

As well as using a compromised AWS data bucket to exfiltrate data, cybercriminals also use breached cloud servers as entry points for attacks on other servers or networks.

“The aggressive speed and scale of attacks on the honeypots shows how relentlessly persistent cybercriminals are and indicates they are using botnets to target an organisation’s cloud platforms. In some instances, it may be a human attacker, but regardless, companies need a security strategy to protect what they are putting into the cloud,” Sophos Security Specialist Matthew Boddy said.

“The issue of visibility and security in cloud platforms is a big business challenge, and with increased migration to the cloud, we see this continuing.”

Image credit: ©stock.adobe.com/au/thodonal

Please follow us and share on Twitter and Facebook. You can also subscribe for FREE to our weekly newsletter and quarterly magazine.

Information Technology Professionals Association (ITPA) is a not-for-profit organisation focused on continual professional development for its 18,700 members. To learn more about becoming an ITPA member, and the range of training opportunities, mentoring programs, events and online forums available, go to www.itpa.org.au.

Related Articles

Another week, another privacy breach

As news breaks of 15 million Victorian commuters having their travelling records poorly...

Privacy briefing: are you keeping your customers' data safe?

Join privacy experts and your IT peers to learn best-practice methodologies to help you comply...

Thousands of devices at risk from BlueKeep exploit: ASD

Up to 50,000 devices owned by Australian organisations are at risk following the discovery of a...


  • All content Copyright © 2019 Westwick-Farrow Pty Ltd