As I have been posting on my Linked in Page, some of you that follow me there know that I am in the midst of writing a 5th book. The first three have already been published by CRC Press and Routledge. The 4th book that I wrote was the online course content for a startup company wanting to creating an interactive training session for the CySA+ exam.
It hasn’t been published officially by a publisher, but the content is out there, and it’s pretty hefty. The compiled pages total almost 200 pages worth of content.
My 5th book takes a completely different route now. I am now writing about the Cloud, and this book is entitled “Protecting IT Assets and IT Infrastructure in The Cloud”. This book covers such topics as the theoretical concepts of the Cloud, the Cyber threats that are posed to any Cloud Computing environment, the appropriate risk mitigation strategies that one should take. There is also content on how to use the Cloud for both backup and recovery procedures.
I also wanted to mention that I have been both honored and totally blessed to have a great co author to help me write this book, he is from Australia. It is important to note as well that in this book, there is a huge chunk of content devoted on the Amazon Web Services, or the AWS for short.
To give you a preview, I talk about each and every major component of the AWS and get into the nitty gritty that go with the “Elastic Cloud Compute” (“EC2” for short), and the “Simple Storage Services” (“S3”) for short.
The former serves as the big engine and backbone which forms the AWS, and the latter is a very sophisticated storage service for storing source code interfaces and objects. I would love to tell you more, but you gotta buy the book in order to get these details! Anticipated publication date is hopefully by next summer.
The reason why I bring up the EC2 and the S3 is that in my perusing for the news headlines today, I came across two Security breaches that just occurred on the S3. In the first instance, there was a mis configured AWS S3 bucket owned and operated by Robocent, which is a political robocalling company based out of Virginia Beach, VA.
In this instance, the S3 “bucket” (similar to a partition in a hard drive”) contained a total of 2,594 files, that included the audio files for making robocalls to potential voters and spreadsheets containing US voters’ contact details. These details included the following:
- Voters’ names;
- Year of birth;
- Phone number;
- Political affiliation;
- Demographic info such as ethnicity and education level.
These are the kinds of information that a Cyber attacker would love to have in order to launch an all-out, massive Spear Phishing campaign. But the worst is not over in this instance. Apparently, “the company’s self-titled bucket has been indexed by GrayhatWarfare, a searchable database where a current list of 48,623 open S3 buckets can be found.” (SOURCE: https://www.theregister.co.uk/2018/07/18/kromtech_open_buckets/).
In the second Security breach regarding the S3 bucket, Cyber security researchers uncovered an exposed mongoDB instance that contained both credit card numbers and payment details of customers. Worst yet, this breach was then interlinked to Facebook and hijacked email accounts. This data came from freemium games.
After putting these two pieces of the puzzle together, the Cyber researchers then finally discovered what was going on. The stolen credit cards data was being combined with the Facebook and email data to establish phony Apple IDs on hundreds of jailbroken iPhones.
Then on these iPhones, fake freemium game accounts could then be set up. In simpler terms, the Cyber attackers were then using these fake game accounts on the jailbroken iPhones in order to hijack funds from the stolen credit cards via the freemium games. How was this discovered? You’d laugh at this one: Even though the Cyber attackers that launched this campaign were extremely sophisticated, they forgot to secure the database that resided in their S3 bucket.
Based upon on the research I have done so far, the AWS offers great levels of security to protect anything that you have on it. For every feature that is offered, there is usually some sort of security-based checklist that is offered as well. So, in these instances, you really can’t blame the AWS for this, it was purely end user naivete that led to these two Security breaches. Obviously, not enough care was taken to secure the databases in both instances.
I will be writing more about the AWS in future blogs. It truly is an exciting platform, and everybody from the least experienced person to the most advanced software development team are using it. Go ahead and try it out, you can sign up for a free account. But of course, the more that you use the features, you will have to pay rental charges, just like with any other Cloud provider.
Here is the link to the AWS: