When Sharing Is Not Caring: How Misconfigured FTP, SMB, Rsync, and S3 Buckets Exposed Over 1.5 Billion Files


While we often worry about adversaries conducting intrusions into our environments and silently exfiltrating our data, the reality is that this data is often already publicly available via misconfigured cloud storage, file exchange protocols, NAS drives and file sharing services. Existing tools such as Dump Monitor (dumpmon) and FTP search engines provide limited and incomplete coverage, so Digital Shadows deployed its digital risk management technology for the task. To date, we have indexed over 1.5 billion files, including over 47 million located in the Netherlands, using our file exposure discovery capability. This talk will raise awareness of the level of data exposure from these misconfigured and unauthenticated network services, while providing astonishing examples of the type of data left out in the open by organisations and third parties.

In this talk we will cover:
• The top affected geographies for data exposure across unauthenticated network services
• Some of our most eye-catching findings, including mission reports, critical national infrastructure project details, live point-of-sale data, company payroll information, full network diagrams of internal systems, vulnerability assessment reports, and many more
• Top tips on how to best mitigate the risks associated with this type of exposure