(Ping! Zine Web Hosting Magazine) – German research group Darmstadt Research (also known as CASED) recently conducted a study on virtual machines running on Amazon Web Services. By conducting the study, the researchers found that nearly 30% are configured incorrectly.
Such improper configuration by AWS customers could lead to security breaches, warned the research group.
To conduct their study, Darmstadt examined and analyzed over one thousand machines using AWS.
In a press release displaying the findings, the research group stated, “The research team could extract security critical data such as passwords, cryptographic keys and certificates from the analyzed virtual machines. Attackers can use such information to operate criminal virtual infrastructures, manipulate web services or circumvent security mechanisms such as Secure Shell (SSH).”
Despite the findings, Darmstadt says the fault isn’t on Amazon Web Services. They believe customers should pay closer attention to security recommendations.
You can find Darmstadt’s entire press release on the matter at: http://www.cased.de/en/press/archive.html