US Army and NSA Files Left Exposed Online on Amazon S3 Server
Ten days after an Amazon S3 server exposed data from the US Army's CENTCOM and PACOM divisions, security researchers have identified another S3 server instance that leaked files from INSCOM, a joint US Army and NSA agency tasked with conducting intelligence, security, and information operations.
Of these three, researchers said that one was an Oracle Virtual Appliance (.ova) file that was an image of a virtual machine running a Linux-based operating system and an attached virtual hard drive. Researchers were not able to boot the OS or access any of the files stored on the virtual hard drive. Nonetheless, the metadata of files stored on the virtual hard drive allowed researchers to determine the SSD image held troves of highly sensitive files.
In addition, a folder in the same VM image also indicated that the system was also part of Red Disk, a cloud computing platform that was part of the Distributed Common Ground System-Army (DCGS-A), a "battlefield intelligence platform" developed by the DOD. Early tests showed the platform was incredibly slow, and mostly hindered existing operations. The project never made it out of the testing stage, and the DOD eventually scraped it in 2014.
Regrettably, this cloud leak was entirely avoidable, the likely result of process errors within an IT environment that lacked the procedures needed. That being said, It was an intelligence distribution system under development, not raw intelligence. The researcher that discovered the data, didn't disclosed anything.