alphaspirit - Fotolia

Risk & Repeat: Does the Amazon S3 outage raise security flags?

Listen to this podcast

In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the recent Amazon Simple Storage Service outage and why the incident may have security implications.

Last week's Amazon Web Services outage wasn't caused by hackers or a cyberattack, but the incident may have security implications for the cloud giant.

Portions of the Amazon Simple Storage Service (Amazon S3) were temporarily knocked offline last Tuesday for several hours. The Amazon S3 outage, which affected the U.S.-East-1 region of the cloud service, was trigged by a command line error issued by an authorized S3 team member that was attempting to debug a billing system for the service.

According to the company's incident report, the team member was using a tool to remove a small number of servers from an S3 subsystem. The command line error, however, led to the removal of a much larger portion of servers, which affected two other S3 subsystems and knocked the U.S.-East-1 region offline. While service was restored later that same day, the Amazon S3 outage led to operational changes for AWS to prevent such disruptions in the future, including newly added safety checks for the tool in question.

What are the security implications of the Amazon S3 outage? Should the company have more safeguards to protect its infrastructure? Does AWS give its employees too much power, which could be abused by an insider threat?

In this week's episode of SearchSecurity's Risk & Repeat podcast, editors Rob Wright and Peter Loshin discuss those questions and more on the topic of the Amazon S3 outage. In addition, they also discuss the latest information from Cloudflare on the Cloudbleed bug, plus more bad news for Yahoo regarding recent data breaches at the company.

Next Steps

Risk & Repeat: Cloudbleed bug poses response challenges

Risk & Repeat: RSA Conference 2017 highlights and trends

Risk & Repeat: Pentagon cybersecurity under scrutiny

Enterprise Desktop
Cloud Computing