Security firm reveals another NSA leak

NSA army data army data online USA army data online unprotected army communications system US army data online top secret US indian express news

NSA army data army data online USA army data online unprotected army communications system US army data online top secret US indian express news

All three files contained national security data, some of it explicitly classified and marked "TOP SECRET".

Ten days after an Amazon S3 server exposed data from the US Army's CENTCOM and PACOM divisions, security researchers have identified another S3 server instance that leaked files from INSCOM, a joint US Army and NSA agency tasked with conducting intelligence, security, and information operations.

Earlier this month, researchers at UpGuard reported that U.S. military intelligence gathering data had been stored on a misconfigured Amazon Web Services S3 server that wasn't password protected and was publicly viewable.

Just like the last Army leak, the exposed servers were found by the UpGuard team, who identified an S3 server hosting a small number of files and folders, three of which were freely downloadable. According to the report, the unsecured storage server was discovered by Chris Vickery, the director of cyber risk research at UpGuard, on 27 September 2017.

Other data found in the AWS S3 instance included an Open Virtual Appliance file, which contained a virtual hard drive and configuration data for a Linux-based virtual machine that could have been used by hackers to obtain access to the Pentagon. It also housed sensitive details about the Army's Distributed Common Ground System, a battlefield intelligence system that allows commanders in the field real-time access to classified operational intelligence.

More news: Gunman who opened fire in Reno, Nevada, is dead
More news: US Fed nominee Powell: Case for raising rates in Dec 'coming together'
More news: It's Jimmy G time: Garoppolo to make first start for 49ers Sunday

The files show that the program, called Red Disk, was meant to handle and transfer documents, videos, and audio between intelligence employees.

NSA referred questions to the intelligence command, which did not immediately respond to a request for comment. However, the system was reportedly slow, hard to use and would crash often. Poor security on AWS servers led to exposed data tied to the Pentagon, Verizon, Dow Jones and almost 200 million American voter records. ZDNet reported that Red Disk was never completely deployed and has since been considered a failure.

"Plainly put, the digital tools needed to potentially access the networks relied upon by multiple Pentagon intelligence agencies to disseminate information should not be something available to anybody entering a URL into a web browser", UpGuard said in a blog post. He informed the United States government about the "breach" in October.

However, it remains unclear as to how long the US Army's S3 bucket remained publicly exposed before it was discovered and secured. Last but not the least, Vickery reiterated that this exposure of data was "entirely avoidable" in the long list of government leaks reported a year ago.

IBTimes UK has reached out to Vickery for further clarity on the matter and is awaiting a response.

Recommended News

  • Deputies Seek Missing Inmate Who Has This Bizarre Skull Face Tattoo

    Deputies Seek Missing Inmate Who Has This Bizarre Skull Face Tattoo

    Anyone who may have seen Hughes or have information on his whereabouts is asked to call the SJSO dispatch at 209-468-4400. Sheriff's Special Teams are working to return him back to the correctional facility, according to the SJSO.
    EA loses billion in stock value after loot box debacles

    EA loses billion in stock value after loot box debacles

    Month to date through Tuesday, EA stock is down 8.5%, which has evaporated $3.1 billion in shareholder value. No offense to pink, but I don't think that's right in the canon".
    U.S.  jury acquits accused Benghazi attack organizer of most serious charges

    U.S. jury acquits accused Benghazi attack organizer of most serious charges

    Khatallah waived his right to speak first with an attorney, and prosecutors used his statements in the trial. Congressional and State Department investigations found the accusations to be untrue.
  • Viagra to go OTC in the United Kingdom , say authorities

    Viagra to go OTC in the United Kingdom , say authorities

    Pharmacists will determine whether the treatment is appropriate and can advise on dose and side effects. The move comes after authorities assessed the safety of Viagra and following public consultation.

    The Sabal Trust CO Purchases New Position in Comcast Co. (CMCSA)

    With these types of results to display analysts, are more optimistic than before, leading 14 of analysts who cover Zoetis Inc. Morgan Stanley has "Equal-Weight" rating and $48 target. (NASDAQ:NUVA) on Friday, December 11 to "Neutral" rating.
    David Otunga Wins Custody Of His Child Back, Order Of Protection Dropped

    David Otunga Wins Custody Of His Child Back, Order Of Protection Dropped

    Jennifer Hudson and her ex-fiance David Otunga are apparently working towards an amicable arrangement regarding their young son. Jennifer Hudson's former fiance fiance, David Otunga has won primary custody of their son, 8-year-old David Jr .
  • Jesus banned from buses in DC, but gay hook-up ads allowed

    Jesus banned from buses in DC, but gay hook-up ads allowed

    Even though Metro doesn't sell the ads directly, the transit authority retains control over what content is allowed. McFadden said the archdiocese has been using bus ads for major campaigns for close to ten years.
    Why Did Marathon Oil and Newfield Fall on November 27?

    Why Did Marathon Oil and Newfield Fall on November 27?

    Perennial Advisors LLC bought a new position in Marathon Petroleum Corp during the fourth quarter valued at $101,000. Guardian Life Insurance Co. of America raised its position in Marathon Petroleum Corp by 0.7% in the first quarter.
    NY  terror attack suspect pleads not guilty

    NY terror attack suspect pleads not guilty

    A court-appointed lawyer spoke on his behalf and entered a plea of not guilty. Authorities say Islamic State group propaganda was found on his cellphones.
  • Is Mike Gundy the right fit for Tennessee?

    Is Mike Gundy the right fit for Tennessee?

    Gundy, an Oklahoma native and Oklahoma State alum, has spent the majority of his career working in his home state. Despite that meaty offer on the table, Gundy does not appear like he will be on the move from Stillwater.

    Kubica completes another 100 F1 laps

    Mercedes, Ferrari and Haas have not yet announced who will take over on Wednesday from Lewis Hamilton , Räikkönen and Romain Grosjean, respectively.
    Yankees to interview Carlos Beltran for manager job

    Yankees to interview Carlos Beltran for manager job

    Multiple reports today indicate Carlos Beltran will interview for the job tomorrow . The Yankees can take their time given that they have the only vacancy in baseball.

We are pleased to provide this opportunity to share information, experiences and observations about what's in the news.
Some of the comments may be reprinted elsewhere in the site or in the newspaper.
Thank you for taking the time to offer your thoughts.