Stratosphere: Finding Vulnerable Cloud Storage Buckets
Abstract
Misconfigured cloud storage buckets have leaked hundreds of millions of medical, voter, and customer records. These breaches are due to a combination of easily-guessable bucket names and error-prone security configurations, which, together, allow attackers to easily guess and access sensitive data. In this work, we investigate the security of buckets, finding that prior studies have largely underestimated cloud insecurity by focusing on simple, easy-to-guess names. By leveraging prior work in the password analysis space, we introduce Stratosphere, a system that learns how buckets are named in practice in order to efficiently guess the names of vulnerable buckets. Using Stratosphere, we find wide-spread exploitation of buckets and vulnerable configurations continuing to increase over the years. We conclude with recommendations for operators, researchers, and cloud providers.
Keywords
Cite
@article{arxiv.2309.13496,
title = {Stratosphere: Finding Vulnerable Cloud Storage Buckets},
author = {Jack Cable and Drew Gregory and Liz Izhikevich and Zakir Durumeric},
journal= {arXiv preprint arXiv:2309.13496},
year = {2023}
}
Comments
Proceedings of the 24th International Symposium on Research in Attacks, Intrusions and Defenses. 2021