OSINT Top Ten: Number 5 - Cloud Exposure
Coming in at Number Five of the Open Source Intelligence Top Ten (aka OSINT Top Ten) is Cloud Exposure.
It is important to examine “The Cloud” (especially vendor offerings like Amazon AWS, Google Cloud Platform, and Microsoft Azure) for anything that can be linked directly to your organization, brand, and offerings: key individuals, locations, domains, products, services, and project names.
Key things to be on the lookout for are protected and open buckets across all of these cloud infrastructures. You want to make sure that you do not have any sensitive files, apps, or databases exposed to the public in any open buckets. Because no one wants to be the organization known as the one that “Left Confidential Data in an Open X Bucket.”
Since the cloud is straightforward for anyone to sign up for (all you need is a credit card), companies want to ensure they are monitoring their chosen cloud vendor and the other major players in the space. With the aforementioned ease of use to sign up, it doesn’t take much for an employee to register some cloud services based on their preferences or needs. These actions should be monitored closely for domain names, keywords, product names, etc., to ensure proper visibility to all clouds. With such ease of use and implementation, another thing to be aware of and manage is the rising threat of “cloud squatting.” Cloud squatting is a form of cybersquatting and brand hijacking but within the context of cloud deployments that may look like your brand (organization, abbreviations, products, services, etc.).