Amazon announces AWS Secret Region for intelligence agencies

Three years after launching Top Secret Region, Amazon has announced Secret Region for US intelligence agencies, as well as other government agencies dealing with secret-level data.
Written by Tas Bindi, Contributor

Amazon Web Services (AWS) has announced setting up a "secret" datacentre region targeted towards the US intelligence community and other government agencies working with secret-level datasets.

AWS Secret Region is able to host software and data that are classified at the "secret" level, making it applicable to intelligence agencies that typically deal with sensitive information.

Secret Region is an extension of the $600 million AWS-Central Intelligence Agency arrangement that led to the creation of Top Secret Region in 2014 specifically for the US intelligence community.

The new region is immediately available to US intelligence agencies through their existing commercial cloud services contract with AWS and will meet certain government standards. But it will also be available to other types of government customers with sufficient secret-level network access and their own "contract vehicles".

"The AWS Secret Region is a key component of the Intel Community's multi-fabric cloud strategy. It will have the same material impact on the IC at the Secret level that C2S has had at Top Secret," John Edwards, CIO of the CIA, said in a statement.

The cloud computing arm of Amazon claims to be the first commercial provider to serve government workloads across the full range of data classifications, including unclassified, sensitive, secret, and top secret.

The launch of AWS Secret Region comes six years after AWS introduced GovCloud, its first datacentre for US-based public sector customers, enabling government agencies and contractors to upload and move sensitive data to the cloud.

AWS, along with Microsoft Azure, announced in June last year that they had received FedRAMP's highest authorisation for their respective government cloud offerings, meaning they had met the US government's most rigorous security requirements.

Recently, the Australian Broadcasting Corporation (ABC) confirmed that two unsecured AWS S3 repositories had left sensitive data exposed to the public.

The unsecured repositories were detected by Kromtech Security Center in that state just a week after AWS introduced new S3 encryption and security features for users.

The exposed files contained thousands of emails, logins, and passwords for ABC Commercial users to access content; requests for licensed content from media producers worldwide; secret access key and login details for other repositories, with advanced video content; and 1,800 daily MySQL backups from 2015 to as recent as last week.

In July, as many as 14 million records of subscribers who contacted Verizon customer service in the prior six months were found on an unprotected Amazon S3 storage server controlled by an employee of Nice Systems, a Ra'anana, Israel-based technology company.

Privacy watchdogs had linked Nice to several government intelligence agencies, and it is known to work closely with surveillance and phone cracking firms Hacking Team and Cellebrite.

In regulatory filings with the Securities and Exchange Commission, Nice noted that it cannot control what customers do with its software.

Accenture also confirmed in October that it inadvertently left a massive store of private data across four unsecured cloud servers, hosted Amazon's S3 storage service, exposing highly sensitive passwords and secret decryption keys that could have inflicted considerable damage on the company and its customers.

The servers contained hundreds of gigabytes of data from the company's enterprise cloud offering, which the Accenture claimed provides support to the majority of the Fortune 100.

Related Coverage

Red Hat partners with AWS with OpenShift Container Platform 3.7

Red Hat wants to be your AWS hybrid cloud and container company as well your Linux provider.

AWS just sold some of its cloud computing infrastructure in China

Amazon sells physical assets to local partner for $300m, but says it remains committed to China business.

AWS launches new S3 encryption and security features

The new features include some for more secure cross-region replication.

NVIDIA GPU Cloud 'democratizes AI' for developers on AWS (TechRepublic)

Available on Amazon EC2 P3 instances, the containerized software stack offers access to deep learning frameworks, libraries, and more.

Why it's pointless to criticize Amazon for being 'bad' at open source (TechRepublic)

AWS doesn't give enough to open source, say some critics. It's unclear, however, how they come to this conclusion.

Editorial standards