A vulnerability called “GhostWriter” has been discovered affecting Amazon Web Services’ (AWS) Simple Storage Service (S3). S3 is a storage solution within AWS. The vulnerability is due to improperly configured S3 buckets, essentially publicly shared folders that user’s upload content to. This could allow access to external users who could then launch man-in-the-middle attacks, steal or modify data, or deliver malware to the bucket. Most exposure to GhostWriter is said to be due to poor configuration by the bucket owners, rather than the cloud service provider.
Amazon Web Services S3
Administrators are encouraged to audit their S3 bucket configuration policies. This can be done manually or using a number of resources provided by AWS and third parties. Additionally users should only store data in buckets that aren’t vulnerable to GhostWriter.
Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.