This batch of data was recognized by UpGuard Director of Cyber Risk Research Chris Vickery in September and included information from the US Army Intelligence and Security Command an intelligence collection facility jointly run by the US Army and the National Security Agency (NSA). The information was put in an Amazon Web Services S3 cloud storage bucket mistakenly configured for public access. Within the accessible repository found under the very obviously labeled ‘inscom’ subdomain were 47 viewable files and folders, three of which were ready to be downloaded. The largest downloadable file included a virtual hard drive, which seemed to be used for receiving, transmitting and handling classified data, with files within it ranked as “Top Secret” and “NOFORN” a group meaning that no foreign nationals can view the records regardless of what permission level they hold. There were also private keys used for accessing distributed data systems and hashed passwords stored on the hard drive.
The other two downloadable files stored instruction for the contents of the file with the virtual hard drive and what seemed to be a training snapshot on how to label and categorize classified data. At least some of the data in the repository was accessed and achieved by a third-party INSCOM partner.
“Although the UpGuard Cyber Risk Team has found and served to secure multiple data exposures involving sensible defense intelligence data, this is the first time that obviously classified information has been among the exposed data,” said UpGuard in its report. Previous UpGuard finds add sensitive data exposed by a defense contractor, a Verizon partner, a federal ad strategizing firm hired by the GOP, a voting machine supplier and a major consulting and management organization.
Take your time to comment on this article.