Databases, cloud storage, and more at risk from exposed access keys

Inadvertent leaks during software development places organizations at risk



The increasing prevalence of corporate access keys getting inadvertently exposed during software development is leaving organizations exposed to greater risk of attack.


Access keys, and their corresponding secrets, are used by developers to authenticate themselves.


These credentials ought to be kept private, poor security practices mean they are frequently made ‘public’ – a shortcoming attackers often exploit to access corporate systems in a process that can be partially automated using search tools.


Databases, cloud storage, and other services are all at risk from exposed access keys, according to new research released on Tuesday (September 15) from threat intel agency Digital Shadows.


Cloud front


Over a 30-day period, Digital Shadows scanned more than 150 million entities from GitHub, GitLab, and Pastebin.


During the course of this one-month study, Digital Shadows’ technology assessed and categorized almost 800,000 access keys and secrets.


More than 40% of these exposed credentials were for database stores, with 38% for cloud providers such as Google, Microsoft Azure and Amazon Web Services.


Google Cloud Platform was found to have the most exposed keys, with 56.5% of the total. Microsoft Azure access keys and SAS tokens make up 22.7% and 12.4% respectively.


Despite Amazon Web Services being the market leader, exposed keys for these services only made up 8.3% of the total.


Read more of the latest cybersecurity research news


Asked to comment on this odd result, Digital Shadows offered The Daily Swig some possible explanations.


“It’s hard to speculate, but it may well be a co ..

Support the originator by clicking the read the rest link below.