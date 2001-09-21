from the government-doesn't-want-you-to-have-encryption dept.
Microsoft Azure Cloud Vulnerability is the 'Worst You Can Imagine'
Microsoft Azure cloud vulnerability is the 'worst you can imagine':
A flaw in Microsoft's Azure Cosmos DB database product left more than 3,300 Azure customers open to complete, unrestricted access by attackers since 2019, when Microsoft added a data-visualization feature, Jupyter Notebook, to Cosmos DB. The feature was turned on by default for all Cosmos DB accounts in February 2021.
The Microsoft Database Hack Shows That Data Stored in the Cloud Must Always be Encrypted End-to-End.
The Microsoft database hack shows that data stored in the cloud must always be encrypted end-to-end:
IT security specialist Ami Luttwak of Wiz discovered the vulnerability in the Azure Cosmos DB Jupyter Notebook feature on Aug. 9 and reported it to Microsoft three days later. Microsoft published a statement saying it fixed the issue immediately and thanked the security researchers for their work as part of the coordinated disclosure of the vulnerability. Microsoft also told Wiz by email that it planned to pay $40,000 for reporting the vulnerability.
On Aug. 26, Microsoft notified several thousand of its cloud customers affected by the issue by email. In the message, the company warns its customers that attackers had the ability to read, modify and even delete all of their main databases. Luttwak managed to obtain primary read-write keys, which gave him full access to customer databases. Because Microsoft could not change these keys itself, the company asked its customers to act and regenerate the Cosmos DB primary key as a precaution. Although the security hole has already been closed, customers should take this step to rule out a possible compromise of their databases. Microsoft further writes in the message that it has found no evidence that any third party (other than Wiz) has accessed the keys.
[...] The U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency used stronger language in a bulletin, making clear it was speaking not just to those customers that had been notified, but to everyone using Azure Cosmos DB:
"CISA strongly encourages Azure Cosmos DB customers to roll and regenerate their certificate key".
[...] Luttwak said: "This is the worst cloud vulnerability you can imagine. This is the central database of Azure, and we were able to get access to any customer database that we wanted."
For European Azure cloud customers who have personal data stored in a Cosmos DB instance, there is also the question of whether a precautionary GDPR notification must be sent to the responsible data protection authorities within 72 hours due to a possible security incident.
[...] The hack of Microsoft's Azure database shows once again that encryption is the best tool we have to fend off malicious attackers and to keep our data safe.
When data is stored in the cloud, the only way to properly protect this data is end-to-end encryption - free from any kind of backdoor.
See also: ChaosDB: How we hacked thousands of Azure customers' databases
(Score: 3, Touché) by Rosco P. Coltrane on Wednesday September 01, @12:33PM
Microsoft - proudly supplying unstable and insecure software since 1975, and sticking fast to the tradition.
(Score: 2) by PiMuNu on Wednesday September 01, @12:55PM (2 children)
> When data is stored in the cloud, the only way to properly protect this data is end-to-end encryption - free from any kind of backdoor.
This is interesting. M$ (and google, amazon, etc) are doing their best to obfuscate the boundary between HDD and cloud, because cloud means lock-in. That seems to go contrary to this concept.
Also, is it standard practice to e.g. encrypt DB entries (for example if my CMS is hosted on M$ et al)? What's the CPU overhead to that?
(Score: 1, Informative) by Anonymous Coward on Wednesday September 01, @01:11PM
Standard practice is to go with whatever is cheapest (short term).
(Score: 3, Informative) by ElizabethGreene on Wednesday September 01, @01:32PM
There are three types of encryption relevant for databases.
At-Rest - encryption on disks/blobs/LUNs
In-Transit - encrypt in transit between the server and client
Both of those types of encryption are transparent to the application.
I believe the OP is referring to the last type of encryption, Cell/Row/Application level encryption. In this, the app (or the data access layer of the app) encrypts the data before or as it gets into the database. This is far less common than the above options.
It sounds like this vulnerability wouldn't have been mitigated by either at-rest or in-transit encryption, only application level encryption.
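The comment above draws the line that matters for this incident: at-rest and in-transit encryption are transparent to whoever holds the database account's primary key, so they would not have stopped someone holding a leaked Cosmos DB key, while application-level encryption keeps the plaintext away from the database entirely. The Go program below is an added example written for this page, not code from Wiz, Microsoft or any commenter. It encrypts one sensitive field of a hypothetical customer record with AES-256-GCM under a key the application holds, binds the ciphertext to the record ID through the associated data so a ciphertext cannot be moved between records, and tags the field with a key version so the application's own keys can be rolled without losing access to documents sealed under the old one. The Record fields, the `v<n>:` field format, the Keyring type and the sample values are all invented for the illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"encoding/json"
	"fmt"
)

// Record is a hypothetical customer document. id and name stay in the clear so the
// database can still index them; ssn is encrypted before the document leaves the
// application and is stored as "v<version>:<base64(nonce||ciphertext||tag)>".
type Record struct {
	ID   string `json:"id"`
	Name string `json:"name"`
	SSN  string `json:"ssn"`
}

// Keyring holds the application's AES-256 keys by version. In production they
// would live in a KMS or HSM the application controls; the database provider
// never sees them, so its own account keys cannot decrypt the field.
type Keyring struct {
	current int
	keys    map[int][]byte
}

// Rotate generates a fresh key and makes it current. Old keys are retained so
// documents sealed under them stay readable until they are re-encrypted.
func (k *Keyring) Rotate() (int, error) {
	key := make([]byte, 32)
	if _, err := rand.Read(key); err != nil {
		return 0, err
	}
	k.current++
	k.keys[k.current] = key
	return k.current, nil
}

func (k *Keyring) gcm(version int) (cipher.AEAD, error) {
	key, ok := k.keys[version]
	if !ok {
		return nil, fmt.Errorf("no key for version %d", version)
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts r.SSN with the current key. The record ID goes in as associated
// data, so the ciphertext only authenticates inside the record it was made for.
func Seal(k *Keyring, r Record) (Record, error) {
	aead, err := k.gcm(k.current)
	if err != nil {
		return r, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return r, err
	}
	ct := aead.Seal(nonce, nonce, []byte(r.SSN), []byte(r.ID)) // nonce || ciphertext || tag
	r.SSN = fmt.Sprintf("v%d:%s", k.current, base64.StdEncoding.EncodeToString(ct))
	return r, nil
}

// Open reverses Seal. Tampering, an unknown key version or a mismatched ID fails.
func Open(k *Keyring, r Record) (Record, error) {
	version, b64 := 0, ""
	if _, err := fmt.Sscanf(r.SSN, "v%d:%s", &version, &b64); err != nil {
		return r, fmt.Errorf("malformed encrypted field: %w", err)
	}
	aead, err := k.gcm(version)
	if err != nil {
		return r, err
	}
	ct, err := base64.StdEncoding.DecodeString(b64)
	if err != nil || len(ct) < aead.NonceSize() {
		return r, fmt.Errorf("malformed ciphertext")
	}
	pt, err := aead.Open(nil, ct[:aead.NonceSize()], ct[aead.NonceSize():], []byte(r.ID))
	if err != nil {
		return r, err
	}
	r.SSN = string(pt)
	return r, nil
}

func main() {
	k := &Keyring{keys: map[int][]byte{}}
	k.Rotate()
	// Sample values, constructed for the example.
	sealed, _ := Seal(k, Record{ID: "cust-001", Name: "Alice", SSN: "123-45-6789"})
	doc, _ := json.Marshal(sealed)
	fmt.Println("what the database (and anyone holding its primary key) stores:", string(doc))
	k.Rotate() // roll the application key; cust-001 still opens because v1 is retained
	opened, err := Open(k, sealed)
	fmt.Println("what the application recovers:", opened.SSN, err)
}
```

Run as-is, the first line printed is the JSON document exactly as someone holding the account's primary read-write key would read it: id and name in the clear, ssn as an opaque versioned blob. Two caveats the code makes visible: the application now has to protect the Keyring itself (here it only lives in memory), and rolling the application key helps only once documents sealed under the old version have been re-sealed, which is why Rotate keeps the old key around rather than discarding it.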
(Score: 3, Insightful) by janrinok on Wednesday September 01, @01:16PM (2 children)
Time and time again we have seen attempts to pass laws giving some parts of government and law enforcement access to all data on the internet. In effect by using backdoors, they don't want your data to be secure. This aim, of course, entirely contradicts the advice being given here: all data in the cloud should be encrypted - and not by the cloud company itself.
There is no such thing as a secure back-door to encryption.
It's always my fault...
(Score: 2) by PiMuNu on Wednesday September 01, @01:22PM (1 child)
> all data on the internet.
Which, to be clear, means almost *every single financial transaction and bank account* in the world.
(Score: 2) by MIRV888 on Wednesday September 01, @01:39PM
The NSA doesn't care. They are up in everyone's biz. They have been from the outset of the interwebs. National Security trumps (lol) your rights. It's as simple as that.