After a three-month long investigation, researchers at Check Point have verified sensitive user data is being leaked from mobile applications due to back-end cloud databases being misconfigured. The apps have various uses and are not connected in any way, with some of them having millions of downloads. There could be a couple different reasons why the databases aren’t secured. Developers put a lot of time and effort into the creation of an app and occasionally simply forget to secure the database. In other instances, developers may unlock the database to run tests and forget to reset the security configurations after testing. Either way, leaving the databases open for public view could cause massive issues for the company behind the app and for those who use it.
Analyst Notes
Simple mistakes and a lack of awareness by developers can lead to many challenges. Implementing the guidance in the resources below can help ensure cloud services are secure.
Amazon Web Services
AWS CloudGuard S3 Bucket Security
Specific rule: “Ensure S3 buckets are not publicly accessible” Rule ID: D9.AWS.NET.06
Google Cloud Platform
Ensure that Cloud Storage DB is not anonymously or publicly accessible Rule ID: D9.GCP.IAM.09
Microsoft Azure
Ensure default network access rule for Storage Accounts is set to deny Rule ID: D9.AZU.NET.24
To learn more about the vulnerable applications discovered by Check Point, please see the resource below:
https://blog.checkpoint.com/2022/03/15/stop-neglecting-your-cloud-security-features-check-point-research-found-thousands-of-open-cloud-databases-exposing-data-in-the-wild/
https://www.infosecurity-magazine.com/news/thousands-mobile-apps-expose-data/?&web_view=true
