View all newsletters
Receive our newsletter – data, insights and analysis delivered to you
  1. News
December 1, 2017

US DoD suffers massive data breach

The US Department of Defense (DoD) has been affected by a data breach after a huge volume of its critical intelligence data was exposed on a publicly accessible server.

The US Department of Defense (DoD) has been affected by a data breach after a huge volume of its critical intelligence data was exposed on a publicly accessible server.

UpGuard, a cybersecurity company in the US, has discovered that more than 100GB of data belonged to the US Army Intelligence and Security Command (INSCOM), a joint US Army and National Security Agency (NSA) Defense Department command, according to media sources.

The INSCOM is responsible for gathering intelligence data for US military and political leaders.

The DoD information was leaked on to a public Amazon Web Services S3 cloud storage bucket.

The server contained a total of 47 viewable files and folders in the main repository, three of which were also downloadable.

“This is the first time that clearly classified information has been among the exposed data.”

The leaked files include sensitive details about the DoD’s battlefield intelligence platform, the distributed common ground system – army (DCGS-A) and the platform’s troubled cloud auxiliary, Red Disk.

These files also contain private keys used for accessing distributed intelligence systems and hashed passwords that can be used to further access internal systems.

Commenting on the data leak, UpGuard stated: “Plainly put, the digital tools needed to potentially access the networks relied upon by multiple Pentagon intelligence agencies to disseminate information should not be something available to anybody entering a URL into a web browser.

“Although the UpGuard Cyber Risk Team has found and helped to secure multiple data exposures involving sensitive defence intelligence data, this is the first time that clearly classified information has been among the exposed data.”

Additionally, UpGuard found a virtual hard drive and Linux-based operating system that could be used for receiving DoD data from a remote location.

Related Companies

NEWSLETTER Sign up Tick the boxes of the newsletters you would like to receive. The top stories of the day delivered to you every weekday. A weekly roundup of the latest news and analysis, sent every Friday. The defence industry's most comprehensive news and information delivered every month.
I consent to GlobalData UK Limited collecting my details provided via this form in accordance with the Privacy Policy
SUBSCRIBED

THANK YOU

Thank you for subscribing to Army Technology