CYBER WARS
1.5 bn sensitive documents on open internet: researchers
 by Staff Writers
 Washington (AFP) April 5, 2018

Some 1.5 billion sensitive online files, from pay stubs to medical scans to patent applications, are visible on the open internet, security researchers said Thursday.

Researchers from the cybersecurity firm Digital Shadows said a scanning tool used in the first three months of 2018 found mountains of private data online from people and companies across the world.

The unprotected data amounted to some 12 petabytes, or four thousand times larger than the "Panama Papers" document trove which exposed potential corruption in dozens of countries.

"These are files that are freely available" to anyone with minimal technical knowledge, said Rick Holland, a vice president at Digital Shadows.

Holland told AFP his team scanned the web and found unsecured files, adding "we didn't authenticate to anything."

The availability of open data makes it easier for hackers, nation-states or rival companies to steal sensitive information, Holland said.

"It makes attackers' jobs much easier. It shortens the reconnaissance phase," he added.

The researchers said in the report that even amid growing concerns about hackers attacking sensitive data, "we aren't focusing on our external digital footprints and the data that is already publicly available via misconfigured cloud storage, file exchange protocols, and file sharing services."

A significant amount of the data left open was from payroll and tax return files, which accounted for 700,000 and 60,000 files respectively, Digital Shadows said.

It noted medical files and lists were also weakly protected, with some 2.2 million body scans open to inspection.

Many corporate secrets were also out in the open including designs, patent summaries and details of yet-to-be-released products.

"While organizations may consider insiders, network intrusions and phishing campaigns as sources of corporate espionage, these findings demonstrate that there is already a large amount of sensitive data publicly available," the report said.

The researchers said about 36 percent of the files were located in the European Union. The United States had the largest amount for a single country at 16 percent, but exposed files were also seen around the world including in Asia and the Middle East.

About seven percent of the data was in "misconfigured" cloud Amazon cloud computing storage. Holland said the main problem was not in the cloud computing itself but how users manage their data.

In some cases, users "are backing up their data to the (open) web without knowing it," Holland said.

The majority of the files found by Digital Shadows were exposed by poor security practices in servers and file-sharing protocols.

"Third parties and contractors were among the most common sources of sensitive data exposure," the report said.


Related Links
 Cyberwar - Internet Security News - Systems and Policy Issues
CYBER WARS
Foreign companies in China brace for VPN crackdown
 Beijing (AFP) March 30, 2018
 Chinese people and foreign firms are girding for a weekend deadline that will curb the use of unlicensed software to circumvent internet controls, as the government plugs holes in its "Great Firewall". A virtual private network (VPN) can tunnel through the country's sophisticated barrier of online filters to access the global internet. VPNs give users a way to see blocked websites such as Facebook, Twitter, Google and Western news outlets, as well as certain business network tools such as timesh ... read more

Comment using your Disqus, Facebook, Google or Twitter login.
Share this article via these popular social media networks
del.icio.usdel.icio.us DiggDigg RedditReddit GoogleGoogle

CYBER WARS
Saudi Arabia, Romania to receive Patriot missile systems, support

 Estonia calls for deployment of Patriot missiles and US troops

 UN chief condemns Yemen missile attacks on Saudi Arabia

 Saudis intercept seven Yemen rebel missiles in deadly escalation
CYBER WARS
Russian delivery of S-400 missiles brought forward to July 2019

 Russia, Turkey agree to speed up delivery of S-400s: Putin

 Air Force taps Raytheon for AMRAAMs for foreign military sales

 RUAG Aviation wins $25M Sidewinder missile support contract
CYBER WARS
Israeli drone crashes in southern Lebanon

 OFFSET "Sprinters" to Pursue State-of-the-art Solutions for Second Swarm Sprint

 Insitu tapped to manage ScanEagle UAS in Afghanistan

 CPI Antenna receives new contract for UAV comms from Cubic Mission
CYBER WARS
Indian scientists lose contact with satellite

 Russian Soyuz launches military satellite

 India Struggling to Establish Lost Link With Crucial Communication Satellite

 India set to launch S-Band satellite for military communications
CYBER WARS
BAE delivers Armored Multipurpose Vehicles to Army for testing

 Lightweight metal foam blocks blastwave, debris from high-explosive rounds

 Harris Corp. tapped to provide electronic warfare technology to Kuwait

 L-3 to provide mortar fuzes to Afghanistan, Bahrain
CYBER WARS
74% of French people against weapons sales to Saudi: poll

 Mattis wins big with budget victory

 US approves $1 billion in Saudi defense contracts

 France opens 400 million euro credit line for Lebanon
CYBER WARS
Pentagon hustles to jump in line with Trump's border directive

 China denies detaining underground bishop

 Washington, Beijing flexing muscles in trade dispute

 US gives boats to Vietnam amid South China Sea tensions
CYBER WARS
A treasure trove for nanotechnology experts

 UCLA researchers develop a new class of two-dimensional materials

 Nanostructures made of previously impossible material

 Mining hardware helps scientists gain insight into silicon nanoparticles