Amazon announced it has launched a “Secret Region” on its cloud computing service for use by US intelligence and other government agencies. The provider is now able to store government information classified as “Top Secret.”
“AWS now provides the U.S. Intelligence Community a commercial cloud capability across all classification levels: Unclassified, Sensitive, Secret, and Top Secret,” said Teresa Carlson, vice president for Amazon’s web services worldwide public sector. “The U.S. Intelligence Community can now execute their missions with a common set of tools, a constant flow of the latest technology and the flexibility to rapidly scale with the mission. The AWS Top Secret Region was launched three years ago as the first air-gapped commercial cloud and customers across the U.S. Intelligence Community have made it a resounding success. Ultimately, this capability allows more agency collaboration, helps get critical information to decision makers faster, and enables an increase in our Nation’s Security.”
This agreement expands the collaboration between private enterprise and US government intelligence agencies. It is separate from the existing $600 million contract signed with the Central Intelligence Agency in 2013 that provided cloud services to all 17 intelligence agencies. The new Secret Region agreement makes the technology available to all government agencies with sufficient clearance.
This comes after it was revealed that the US Defense Department left a massive data collection on an Amazon cloud server, which could have been accessed by anyone with a free account. The data included billions of social media posts from Facebook, Twitter and news sites.
The computing giant Microsoft made a similar announcement in October when it said its government cloud program, called “Azure Government Secret” would support US government agencies working with data classified as “secret.”
By storing all of their information on a private company’s servers, the intelligence community will become an even more attractive target to hackers.
A hacker [who] is able to breach AWS Secret Region’s security measures will most likely have an easier time gaining access to other files stored on the server and other servers within the network.
While it is unknown what new security measures the AWS Secret Region will include, hackers have previously utilized what is known as “east-west” traffic to move around the servers in the cloud network while avoiding detection for long periods of time.
If a hacker is able to breach the network and infect one server with malware, the malicious code could “fan out,” spreading across the entire cloud. This means one breach could potentially put all of the data and applications being stored on the AWS Secret Region at risk of being stolen, manipulated, or held for ransom.