Amazon Web Servers (AWS) has over a million customers, with a worldwide presence. However, its cyber defenses aren’t as impenetrable as you might think.
AWS has created a well-merited reputation for security. That same fact might lull users into a sense of complacency and lead to devastating hacks.
But just take into account that security researchers have released warnings that the AWS system may not be as secure as we thought.
Is your business at risk? It probably is.
Read on to find out more.
Security Researchers Warn About Amazon Web Servers
AWS is the most widespread and comprehensive cloud-computing platform.
Thus, it is a matter of deep concern that security researchers have warned us that there is something wrong with it.
According to the Mitigia researches, adversaries are building malware-filled with Community Amazon Machine Images, which they are then providing to AWS clients.
Amazon Machine Image is used by several Amazon clients to create virtual machines with the EC2 or Elastic Compute Cloud.
EC2 is a platform for renting virtual computers to run applications.
The researchers from Mitigia found malicious instances of Windows Server 2008 running on a community AMI. It had a cryptojacking miner in it that was mining the Monero cryptocurrency for the past five years.
Community AMIs Can Be Compromised
Amazon Web Services does not verify community
AMIs. Meaning, anyone can create AMI and make it public.
As was seen in the above cryptojacking case, such AMIs can be malicious and compromise your organization.
Mitigia’s co-founder Ofer Maor said, “Vulnerabilities of the kind found in AWS AMIs post significant risks.”
He added that “The code embedded in such AMIs might have malware, ransomware or other attack vectors.“
Considering all this, getting your AMIs from AWS Marketplace and verified vendors would be prudent.
The Capital One Hack: Amazon Denies Responsibility
The FinServ organization Capital One uses Amazon Web Services.
Recently, a misconfigured firewall compromised the data of 100 million of its users in the USA and 6 million in Canada.
The company suffered from reputational and financial losses but did AWS take any responsibility? Of course not.
In its fine print, Amazon clearly states that clients are responsible for the security of their information.
According to Amazon’s statement, “AWS did not suffer a breach and worked as it was designed.”
The statement added that “The adversary gained access via a misconfigured web application and not the underlying cloud infrastructure.”
This AWS Breach Wasn’t the Only One
AWS Vulnerable buckets (cloud storage resources) have led to a surprising number of breaches in the past few years.
UpGuard revealed in July that client data from several firms like Ford and Netflix was exposed due to a misconfigured server.
Even Government data is not safe. The information of over 200 million voters was compromised from an insecure database in 2017.
Again, the answer from Amazon was worrying: “Sophisticated controls, both physical and technical,” that clients should use to prevent unauthorized access to data.
How You Protect Yourself from AWS Hacking
You know now that AWS can be hacked in several ways, but you can still take steps to safeguard yourself.
Learn first what are the methods used, and then what can you do to combat them:
- Phishing & Spear-Phishing – Cybercriminals may send spoofed emails or create a genuine-looking website to steal your valuable information. This can be lowly or highly-targeted, depending on the size of your organization.
Therefore, you can use dedicated anti-phishing solutions and provide security awareness training to all your employees.
One way to counter such an attack is to follow the principle of least privilege. POLP will reduce the chances of a dangerous breach in case an account gets compromised.
- Password Compromise – If you use the same passwords on multiple sites, the chances are that one of them will get compromised. Anyone could hack your AWS account with it.
Have an organization-wide password policy and make use of a password manager to prevent such breaches.
- Losing Access Keys: Amazon provides access keys for letting users control cloud servers. These are extremely confidential and should not fall into the wrong hands.
Some precautions to take are to rotate your keys regularly, encrypt them, not generate access keys for root accounts, and avoid transferring them via insecure channels.
Amazon Web Services won’t stop being popular due to the previously mentioned security compromises.
Same for you. If you use them right now, then you won’t change that after reading this piece.
Still, taking the necessary precautions, such as configuring servers and firewalls properly, will at least protect your organization from breaches.
But there’s still a chance to lose your servers.
What can you do about it?
Contact our team at My IT Guy for Business IT Support today, to get the proper safeguards in place.