DailyPost 2555
AZURE’S 38 TB DATA LEAK
If you thought that the loss of data, misuse of data and exposing data to the public domain are the handiwork of hackers only, then you are badly mistaken. It happens in various ways, unknown the users / stakeholders and coming to light long after the damage is done. The information of this nature of a leak is known much later and that to by third parties and people who were responsible for the leak, remain unaware even at that late stage. In technology, ignorance is not bliss, either you know what you are doing and do it effectively with precision, or you risk yourself, your customer and the company, you work for.
The supervisory, monitoring and internal technical oversight wings of the company are not able to make much dent in these cases. This a tragic story and it becomes messier when it happens with one of the top cloud providers in the world, a company which created the PC revolution. The fear of cloud was completely negated because of the Covid 19 crisis, but that does not mean that there is no issue and everything in hunky dory. Lack of technical expertise we might call it, but is it really possible for all users; corporate or the service providers to take care of every point of leak all the time. The beauty of the whole game is that even with no hackers in the picture, data security remains a nagging issue.
The leak in question started in July 2020 and it was Microsoft AI research division which ended up doing this accidently. It was dozens of terabytes of sensitive data leak while contributing to the open-source AI learning models. The platform in question is a public GitHub repository. It took around three years for this leak to be known; it was discovered by cloud security firm Wiz. Its security researchers “found that a Microsoft employee inadvertently shared the URL for a misconfigured Azure Blob storage bucket.” The bucket contained the leaked information. The data exposure as officially happened because of the use of excessively permissive Shared Access Signature (SAS) token.
This process provides you full access to the shared files. The main issue with this mechanism is the challenge to monitor and revoke. “ Due to lack of monitoring and governance, SAS tokens pose a security risk.” Wiz warned that, “These tokens are very hard to track, as Microsoft does not provide a centralized way to manage then within the Azure portal.” The way it operates, effectively these tokens are configured to last forever. This very clearly means that SAS tokens for external sharing is unsafe. We live in a cyber ripped world, where even the best practitioners and best companies cannot provide us full security.
CYBER SECURITY IS NOT ONLY A WAR WITH HACKERS, BUT WTH OUR OWN COMPETENCE TO USE THIS TECHNOLOGY IN A FAIL-SAFE WAY, IF THERE IS ANYTHING LIKE THAT.
Sanjay Sahay
Have a nice evening.