July 6, 2022
Storing data is one of the most common uses for the cloud by enterprises. It’s often more cost-effective than using on-premise assets, facilitates access from anywhere on any device, and eliminates the headaches of maintaining physical hardware. Sounds like a win-win, right?
The challenge is that cloud storage services come with a range of potential security risks that, if exposed, can be detrimental or in some cases, even fatal for an organization and its consumers.
Earlier this year, a misconfigured AWS S3 bucket exposed upwards of 3TB worth of highly sensitive data from four airports across Colombia and Peru. What exactly did this data consist of, you may ask? Airport Employee ID cards, Aviation Security Clearance passes, Personally Identifiable Information (PII) including names, photos, occupations, and national ID numbers.
What’s even more chilling – data also included employees facial photographs, planes and aircraft equipment, fuelling lines, and luggage handling protocols. In the wrong hands, one would dread to imagine how these could all be weaponised for nefarious activities against travellers and human lives. In this month’s Skyhigh Security Intelligence Digest instalment, we’ll be taking a closer look at the incident and outlining how organizations can protect themselves and their stakeholders from similar threats.
Read the Skyhigh Security Intelligence Digest, Ever wonder how a leaky bucket could put lives in danger?
View the entire Skyhigh Security Intelligence Digest series here.