Viacom AWS Misconfig Exposes Entire IT Infrastructure

Exterminator

Level 85
Thread author
Verified
Top Poster
Well-known
Oct 23, 2012
12,527
Viacom is the latest big-name firm to have misconfigured its cloud databases, in a security incident which could theoretically have allowed hackers to remotely control its entire IT infrastructure.

Security firm UpGuard made the discovery, when noted director of cyber risk research, Chris Vickery, found a “publicly downloadable” Amazon Web Services S3 cloud storage bucket containing 72 .tgz files.

Frequently mentioned in the files is “MCS” – thought to refer to Viacom’s Multiplatform Compute Services group, which supports the IT infrastructure for hundreds of the media giant’s brands, including MTV, Nickelodeon, Comedy Central, Paramount and BET.

“While Viacom has not confirmed to UpGuard the purpose of this bucket, the contents of the repository appear to be nothing less than either the primary or backup configuration of Viacom’s IT infrastructure,” explained UpGuard cyber resilience analyst, Dan O’Sullivan, in a blog post.

“Exposed within this repository are not only passwords and manifests for Viacom’s servers, data needed to maintain and expand the IT infrastructure of an $18 billion multinational corporation, but perhaps more significantly, Viacom’s access key and secret key for the corporation’s AWS account. By exposing these credentials, control of Viacom’s servers, storage, or databases under the AWS account could have been compromised.”

The accidental leak could have allowed attackers to launch faultless phishing campaigns using Viacom brands and infrastructure, while AWS access keys could have been used to spin off new servers to create a botnet, he warned.

UpGuard has been leading from the front in its discovery of countless misconfigured AWS installations, exposing poor security practices at the likes of Dow Jones, the US Department of Defense and Verizon.

A Viacom statement played down the seriousness of the leak:

“Once Viacom became aware that information on a server – including technical information, but no employee or customer information – was publicly accessible, we rectified the issue. We have analyzed the data in question and determined there was no material impact.”
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top