Master Hack

Google’s Origin & the Danger of Link Sharing

How the act of sharing links to files stored in a public cloud puts organizations at risk, and what security teams can do to safeguard data and PII.

Some of us as “seasoned” computer science professionals recall the early days of computing pre-Web and pre-PageRank, the key algorithmic innovation that enabled Google to grow to its current mammoth scale. Much has been written about Google’s history and the spawning of effective web search engines that ranked web pages so users could easily find the most relevant information they were interested in.

At the time, some in the computer science community concerned with security and privacy issues expressed fears that Google’s web crawling and indexing might be illegal. Certainly, copyright issues would be in play if wholesale copying of web content wasn’t permissible. Many of these issues were resolved over the years by employing agreed-upon rules of the road, permitting crawling, page analysis, and indexing, but under the control of announced policies and terms of service by webmasters. In a perfect Internet, all would be good.

Today, web crawling is continuous and ubiquitous, and it has broadened in scope from web pages to general Internet searches and file shares. The downside to this is that Google searches can also capture and index files and data exposed in cloud shares. Along with the many legitimate web crawlers that adhere to the rules in robots.txt, there are also malicious crawlers that ignore these warnings and scan and probe, sometimes successfully, to capture cloud shared documents. It may not be immediately apparent when a cloud share has been visited by a spider. After all, it isn’t immediately obvious when your website has been crawled unless you explicitly look for it.

This is why it pays to be proactive. We experienced a related incident firsthand at Columbia University, where I work as a computer science professor. Long ago, before there were so many regulations around protecting personally identifiable information, student Social Security numbers were used as the unique identifier when entering a housing lottery for securing a dorm room on campus. The files associated with this lottery were then stored in the cloud and forgotten. That is, until Google’s indexing made the Social Security numbers public and searchable, creating an incident years after the files were stored and students had moved on from the university. The university’s security team was able to remove the links and has since spent more time educating its faculty and students on data privacy best practices. They’ve also set up a scanning system to help monitor for any instances of students’ Social Security numbers being shared.

It is these types of incidents that drove the university to take precautions, update security policies, and anticipate risks related to Google indexing and link sharing. Just recently, data from more than 90 companies, including Box, was exposed through Box accounts because employees shared web links.

How can security teams understand just how pervasive link-sharing risks are in their organizations? First, administrators should make sure the default access settings for shared links are configured to “people in your company” to reduce accidental exposure of data to the public. Second, security policies for cloud-resident data should mirror any policies that apply to data stored on the premises. That includes policies about downloading or sharing certain kinds of sensitive data, as well as encryption of sensitive data.

Defenders typically resort to cloud log analysis to determine the extent of the problem. Such log analytics can alert personnel to possibly misconfigured cloud share access controls, or user security violations, where a shared link gives access to a broad collection of documents to an interested spider.

The log analytics aren’t easy to do, but generally, capturing all events including time stamps, source IPs, agent strings, and URLs requested is the basic starting point. There are numerous products available to assist in the process, for example, products that uncover the source IPs from tracert and that analyze the timing of requests. Being alert to spiders is important, but once a spider has done its job, and the shared documents have been exposed, what’s next?

At that point, once a spider has scanned and indexed the files in the cloud share, the data owner has lost the ability to control access to it; in essence, all bets are off. So, the immediate questions security teams need to answer are: What was lost? Who is affected? Who is responsible? How did it get lost? Can it be prevented from happening again?

Cloud log analysis can help answer some of these questions. Appropriate mitigation actions in a case like this also include shutting down credentials for the person who shared the link, revoking user access to cloud-resident files, folders, or cloud shares, and, in some cases, decommissioning a public cloud folder and reconfiguring security settings for future files. That is how some of the organizations involved in the Box data leak responded.
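The log analysis described above (time stamps, source IPs, agent strings, and URLs requested), and the "what was lost" question it helps answer, can be sketched as follows. This is an added example, not code from the article or from any cloud provider; the simplified log format, the sample lines, and the thresholds `min_urls` and `window` are assumptions chosen for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (not real traffic): source IP, time stamp, URL, agent string.
SAMPLE_LOG = """\
203.0.113.7 [12/Mar/2019:10:00:01 +0000] "GET /s/abc123/housing.csv" "Mozilla/5.0 (compatible; ExampleBot/1.0)"
198.51.100.9 [12/Mar/2019:10:00:02 +0000] "GET /s/q1/budget.xlsx" "Mozilla/5.0 (Windows NT 10.0)"
198.51.100.9 [12/Mar/2019:10:00:03 +0000] "GET /s/q2/roster.csv" "Mozilla/5.0 (Windows NT 10.0)"
198.51.100.9 [12/Mar/2019:10:00:04 +0000] "GET /s/q3/payroll.pdf" "Mozilla/5.0 (Windows NT 10.0)"
192.0.2.44 [12/Mar/2019:10:05:00 +0000] "GET /s/q1/budget.xlsx" "Mozilla/5.0 (Macintosh)"
192.0.2.44 [12/Mar/2019:11:30:00 +0000] "GET /s/q2/roster.csv" "Mozilla/5.0 (Macintosh)"
"""

LINE = re.compile(r'(\S+) \[([^\]]+)\] "GET (\S+)" "([^"]*)"')
CRAWLER_UA = re.compile(r"bot|spider|crawl", re.I)  # agents that announce themselves

def parse(log):
    """Yield (ip, timestamp, url, agent) for each well-formed line; skip the rest."""
    for m in map(LINE.match, log.splitlines()):
        if m:
            ip, ts, url, agent = m.groups()
            yield ip, datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z"), url, agent

def find_spiders(log, min_urls=3, window=timedelta(seconds=10)):
    """Return {source_ip: (reason, sorted shared URLs that source fetched)}."""
    by_ip = defaultdict(list)
    for ip, ts, url, agent in parse(log):
        by_ip[ip].append((ts, url, agent))
    findings = {}
    for ip, events in by_ip.items():
        events.sort(key=lambda e: e[0])
        urls = sorted({u for _, u, _ in events})  # what this source could have copied
        if any(CRAWLER_UA.search(a) for _, _, a in events):
            findings[ip] = ("declared crawler agent", urls)
            continue
        # Timing check: a browser-like agent pulling many distinct URLs in one short window.
        for i, (start, _, _) in enumerate(events):
            burst = {u for t, u, _ in events[i:] if t - start <= window}
            if len(burst) >= min_urls:
                findings[ip] = ("burst of distinct URLs", urls)
                break
    return findings

if __name__ == "__main__":
    for ip, (reason, urls) in find_spiders(SAMPLE_LOG).items():
        print(ip, reason, urls)
```

The URL list attached to each flagged source is the starting inventory for deciding which shared links to revoke and which data owners to notify.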

At some point in the near to distant future, the information in cloud activity logs could be automatically analyzed using artificial intelligence, machine learning, or other technologies to lessen the workload of security professionals. Rather than spending resources digging through cloud logs, it may be possible to send teams real-time notifications when cloud security policies are violated, or when unsanctioned users open or download cloud-resident files that weren’t meant for them.

Lovepreet Singh
20 Comments

  1. Hi, I do think this is a great blog. I stumbledupon it 😉 I’m going to revisit once again since I bookmarked it.
    Money and freedom is the greatest way to change, may you be rich and continue to help others.

  2. I like the valuable info you provide in your articles. I’ll
    bookmark your blog and check again here regularly. I’m quite sure I will learn many new stuff right here!
    Good luck for the next! plenty of fish natalielise

  3. This is a topic which is close to my heart…

    Thank you! Where are your contact details though?

  4. I like it when people come together and share views.
    Great website, continue the good work!

  5. Hi, great work. I really appreciate the information you are providing through your website, I have always found it helpful. Keep up the amazing work.

  6. When I originally commented I clicked the “Notify me when new comments are added” checkbox and now each time a comment is added I get several
    e-mails with the same comment. Is there any way you can remove me from that service?
    Thanks!

  7. Hi my friend! I want to say that this article is awesome, great written and come with almost all important infos.
    I’d like to see extra posts like this .

  8. Can I simply just say what a comfort to uncover an individual who
    truly knows what they’re discussing on the net. You definitely understand how to bring a problem to
    light and make it important. A lot more people really need to check this out and understand this side
    of your story. I was surprised you are not more popular since you
    certainly possess the gift.

  9. Good blog you’ve got here.. It’s difficult to find quality writing like yours nowadays.
    I really appreciate individuals like you! Take care!!

  10. Amazing blog! Do you have any hints for aspiring writers?
    I’m planning to start my own website soon but I’m a little lost
    on everything. Would you recommend starting with a free platform like WordPress or
    go for a paid option? There are so many options out there that I’m completely confused ..

    Any recommendations? Cheers!

  11. Your style is really unique compared to other folks I have read stuff from.
    Thank you for posting when you’ve got the opportunity, Guess I’ll just book mark this blog.

  12. You have made some decent points there. I checked on the net for additional information about the
    issue and found most people will go along with your views on this site.

  13. What’s up it’s me, I am also visiting this
    web site daily, this web site is genuinely good and
    the viewers are actually sharing nice thoughts.

  14. I’m not that much of an online reader to be honest but your blog’s really nice, keep it up!
    I’ll go ahead and bookmark your site to come back
    in the future. Cheers

  15. Excellent post. Keep writing such kind of info on your blog.
    I’m really impressed by your blog.
    Hello there, You’ve done an incredible job. I will definitely digg it and in my view recommend to my friends.
    I’m sure they’ll be benefited from this site.

  16. Genuinely when someone doesn’t be aware of after that its up to other
    visitors that they will assist, so here it takes place.

  17. Hey there! This is my 1st comment here so I just wanted to
    give a quick shout out and say I truly enjoy reading your
    blog posts. Can you recommend any other blogs/websites/forums that deal with
    the same topics? Thanks for your time!

  18. Hello just wanted to give you a quick heads up. The text in your content seems to be running off the screen in Opera.
    I’m not sure if this is a format issue or something to do with browser compatibility but I figured I’d
    post to let you know. The layout looks great though!
    Hope you get the issue resolved soon. Kudos

  19. I’m not sure exactly why but this site is loading extremely slow
    for me. Is anyone else having this issue or is it an issue on my
    end? I’ll check back later and see if the problem still exists.

  20. I’m no longer sure the place you are getting your info, however
    good topic. I must spend some time studying much more or understanding
    more. Thank you for great information I used to be searching for this information for my mission.
