NSA accidentally leaks more secrets after 'Red Disk' was left on unsecured AWS server
Who needs Edward Snowden when the NSA is so careless with its own data?
More US security secrets have been leaked online after the virtual image of a disk drive containing sensitive information was found, unsecured, on an Amazon Web Services (AWS) server.
Chris Vickery, director of cybersecurity research firm UpGuard, claims that he found the unlisted image on a publicly accessible server with no password needed to access it.
"Critical data belonging to the United States Army Intelligence and Security Command (INSCOM), a joint US Army and National Security Agency (NSA) Defence Department command tasked with gathering intelligence for US military and political leaders, leaked onto the public internet, exposing internal data and virtual systems used for classified communications to anyone with an internet connection," said Dan O'Sullivan Dan O'Sullivan, cyber resilience analyst at UpGuard.
The data related to a joint project called Red Disk. This was designed to provide a cloud-based platform for sharing intelligence and reconnaissance data between the US Army and the NSA during the Afghan military operation.
The project has since been discontinued, with reports noting it crashed a lot and hindered soldier operations, leading to Red Disk never getting fully deployed.
The virtual disk contained data from a physical hard disk drive that was in a Linux-based server that formed part of the Red Disk system.
And the disk was separated into six partitions ranging from 1GB to 69GB in size with labels such as 'Top Secret' and 'NOFORN', the latter term labelling data so sensitive it's not to be shared with foreign allies.
It seems clear that the data on the disk was sensitive to INSCOM, particularly as it gives a good look into how Red Disk worked, such as the intelligence data it pulled in, even though the project was ultimately a failure.
How the image came to be leaked is not known, although the NSA has suffered a series of security leaks in recent years, not to mention a handful of security contractors who have followed Edward Snowden's example and leaked confidential data.
"This cloud leak was entirely avoidable, the likely result of process errors within an IT environment that lacked the procedures needed to ensure something as impactful as a data repository containing classified information not be left publicly accessible," highlighted O'Sullivan.
"In order to stop and shift away from the regular revelations of another exposed intelligence operation, federal stakeholders must begin to regain control of their systems, reducing their complexity by gaining full visibility into the complex workings of the government's cyber presence."