Free Republic
Browse · Search
General/Chat
Topics · Post Article

To: ConservativeMind

“Well, when an internal Amazon administrator for AWS is responsible for the Capital One breach, there SHOULD be a concern.”

Worse. It was an Ex-Amazon AWS admin who breached an AWS customer’s security. Indicates very poor Systems architecture, management and security practices. Disabling all Admin accounts and resetting externally accessible administrative accounts is a 0-day activity when someone leaves a contract.

Even if C1’s data was downloaded when ‘it’ was still employed at AWS it means personal, external storage devices are permitted on the AWS management network. Bad, bad, bad.


14 posted on 08/01/2019 3:15:52 PM PDT by Justa


To: Justa

The ex-employee had been gone from Amazon for 3 years before the hack and no longer had an account/access to AWS systems. The exploit was through Capital One's firewall, their fault for misconfiguring it. External storage devices are not allowed on the AWS management network.

That said, the best way to keep your data secure is in your own network, IF you have the right people to secure it. I've worked as a contractor for the government. The government employees I encountered were not the right people to secure government networks. That might be different elsewhere, but not where I was.

19 posted on 08/01/2019 4:52:34 PM PDT by grateful
