An article posted on February 21 by Bleeping Computer collected accounts from one expert after another confirming that ransom attacks on Amazon AWS S3 are a real possibility. The experts go on to describe such attacks as extremely probable, especially after similar incidents in recent security news, and draw a close parallel to the MongoDB and other notable ransom attacks that plagued 2017.
As with the epidemic of ransom attacks in the recent past, experts believe that Amazon AWS S3 storage is vulnerable. It is thought to be just a matter of time before hacker groups begin to target publicly-writable S3 buckets, those that allow any user to write or delete data. The site reported that 7% of all Amazon AWS S3 buckets were publicly-writable, exposing them to ransom attacks, likely similar to the 2017 attacks that left owners of exposed servers with a choice to pay hackers to recover data that had been wiped. In many of these attacks, even victims who paid were left without the promised data, as the predatory attackers didn’t have enough storage space to back up the data they wiped.
The attacks that AWS S3 users face may not look identical to these previous incidents. However, there is a huge potential for owners to put themselves at risk by misconfiguring servers so that they mistakenly allow read-write access to outsiders. One security researcher even wrote a script to test the possibility of mass deletion of files and confirmed that it is feasible.
Some researchers have been looking into publicly-writable S3 buckets and have taken it upon themselves to leave warnings for server owners, prompting them to change their settings before they fall victim to hackers who are able to write to the exposed bucket.
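The misconfiguration described above can be checked for from the owner's side. The following is an added example, not code from the Bleeping Computer article or from Amazon: it classifies the grants in a bucket ACL (dicts shaped like the S3 GetBucketAcl response) as public-write or public-read. The bucket names and sample ACLs are constructed for illustration.

```python
# Added example: flag public grants in S3 bucket ACLs.
# Input dicts follow the shape of the S3 GetBucketAcl response.

ALL_USERS = "http://acs.amazonaws.com/groups/global/AllUsers"
AUTH_USERS = "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"
# Predefined S3 groups that make a grant effectively public.
PUBLIC_GROUPS = {ALL_USERS: "anyone", AUTH_USERS: "any AWS account"}
# Grantee can create, overwrite or delete objects, or rewrite the ACL.
WRITE_PERMS = {"WRITE", "WRITE_ACP", "FULL_CONTROL"}
# Grantee can list the bucket contents (READ_ACP is not classified here).
READ_PERMS = {"READ", "FULL_CONTROL"}


def audit_acl(bucket, acl):
    """Return sorted findings: (bucket, audience, exposure, permission)."""
    findings = set()
    for grant in acl.get("Grants", []):
        grantee = grant.get("Grantee", {})
        if grantee.get("Type") != "Group":
            continue  # grants to a specific account are not public
        audience = PUBLIC_GROUPS.get(grantee.get("URI"))
        if audience is None:
            continue  # some other predefined group, not a public one
        perm = grant.get("Permission")
        if perm in WRITE_PERMS:
            findings.add((bucket, audience, "public-write", perm))
        if perm in READ_PERMS:
            findings.add((bucket, audience, "public-read", perm))
    return sorted(findings)


# Constructed sample ACLs (hypothetical bucket names and owner ID).
OWNER = {"Grantee": {"Type": "CanonicalUser", "ID": "constructed-owner-id"},
         "Permission": "FULL_CONTROL"}
SAMPLE_ACLS = {
    "example-backups": {"Grants": [
        OWNER,
        {"Grantee": {"Type": "Group", "URI": ALL_USERS}, "Permission": "WRITE"},
        {"Grantee": {"Type": "Group", "URI": ALL_USERS}, "Permission": "READ"},
    ]},
    "example-private": {"Grants": [OWNER]},
    "example-shared": {"Grants": [
        OWNER,
        {"Grantee": {"Type": "Group", "URI": AUTH_USERS},
         "Permission": "FULL_CONTROL"},
    ]},
}

if __name__ == "__main__":
    for name, acl in SAMPLE_ACLS.items():
        print(name, audit_acl(name, acl) or "no public grants")
```

Bucket policies can also grant public access and are not covered by this ACL check.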
What are the associated risks?
While incidents like the MongoDB attacks stand as warnings of a possible large-scale threat to AWS S3 servers, the actual risks tend to be much lower due to mitigating factors and technical difficulties. For example, the article cites an expert, Chris Vickery, stating, “[t]he number of possible S3 bucket names is humongous and the rate at which you can query for [a possible bucket name’s] existence is not as high as port scanning.” This statement refers to the number of possible names that can be guessed per second, which limits hackers more than was the case with other servers that have fallen victim to attacks in the past.
While many experts are still discussing the vulnerability of AWS S3 servers, there are technical constraints that drastically reduce the threat for all but sophisticated attackers, who are few in number compared to the swell of ransom attacks in 2017. That being said, experts have found that loads of sensitive data are being held on AWS S3 servers, which gives hackers additional incentive to target these buckets.
One security researcher who was interviewed, Victor Gevers, reports, “[w]e have found medical data, military data, law enforcement body-cam videos, intellectual property [source code and business cases], network designs, many backup archive files, private keys, Bitcoin wallet files and documents with filenames which were clearly not supposed to be exposed ‘publicly’.”
What do possible attacks have to do with the new GDPR regulation?
Other threats that experts have projected for AWS S3 servers concern the other kind of exposed storage: publicly readable S3 buckets. For these servers the risk of ransom takes a different form, one expected to appear after the EU GDPR goes into effect on May 25 of this year. Experts believe that once this stringent regulation becomes enforceable (compliance with it is something many companies have dreaded and dragged their feet to implement), a wave of actors will suddenly have the opportunity to create snapshots of exposed servers and then contact the companies, blackmailing server owners by threatening to report them to EU authorities. With the outrageous fines associated with the GDPR, this isn’t a small threat. It also illuminates the fact that hackers are often motivated to be more intricate and exhaustive than the organizations that are held to rigorous regulatory standards.
Are large cloud hosting services the best answer for your organization?
As this article outlines, there are major risks around the large Amazon AWS S3 hosting service that many might be unaware of. While there are still many factors that might deter hackers from hitting users with an epidemic like the 2017 attacks, there is still cause for caution around the hosting giant. If users aren’t familiar with the proper settings to safeguard sensitive data, they may be at risk in a scary landscape of constantly evolving cyber threats. To be fair, Amazon has increased its efforts to help server owners improve their security through a check tool that helps customers analyze their settings to make sure they have the proper permissions in place. But is that enough to make sure their customers are kept safe from the outlined threats that will likely focus on the vulnerabilities that have been discovered?
Knowing what we do about these possibilities, one could argue that a closer, hands-on approach to cloud hosting could be an alternative. With the constancy and persistence of ever more advanced threats, it has become an immense job to keep attackers at bay and properly manage all of your security threats. While AWS S3 servers have overwhelmed the market for cloud-seeking consumers, it goes to show that even they are at risk of losing the loyalty of customers if they aren’t willing to provide extensive safeguards to protect users. AWS S3 servers should be under scrutiny and challenged to provide the most painstakingly attentive approach to security, because their trusting customers have a lot to lose if a ransom attack threatens sensitive information.
With the trend toward large cloud-based solutions like AWS and other industry-leading competitors, it’s easy to follow suit and lead your organization into one of these obvious choices. But with such a large base of customers, are they always able to provide the most detailed and customer-conscious services? Threats like the ones that have been illuminated this past week are a great example of gaps in security measures that can happen to anyone, but perhaps committing your data to a cloud server should call for more thorough discrimination and a hands-on user experience. Many smaller companies with IT solutions offer the same great solution of using cloud services, but are meticulous in deploying the greatest protection to their customers. A commitment to customer service and adherence to the strictest regulations are motivation to provide a focused and personal experience that, as we have seen, may be lacking in larger arenas.