Free Republic
Browse · Search
News/Activism
Topics · Post Article

U.S. Senator Sends Letter to Amazon CEO on Capital One Hack
https://www.wsj.com/articles/u-s-senator-sends-letter-to-amazon-ceo-on-capital-one-hack-11565036507 ^ | Aug. 5, 2019 | Robert McMillan

Posted on 08/06/2019 10:40:04 PM PDT by WWG1WWA

A Democratic senator is pressing Amazon.com Inc. for answers on its cloud-computing technology at the heart of the Capital One hack, one of the biggest-ever bank-data thefts.

(Excerpt) Read more at wsj.com ...


TOPICS: Business/Economy; Crime/Corruption; Government; News/Current Events

1 posted on 08/06/2019 10:40:04 PM PDT by WWG1WWA

To: WWG1WWA

That’s where we want to put all of our military information. Everyone behind that idea should face a firing squad.


2 posted on 08/06/2019 11:18:05 PM PDT by Captainpaintball

To: WWG1WWA

As I am affected by this and my phone, email and SMS have been getting spammed since the hack, I’d like some answers too.


3 posted on 08/07/2019 1:34:16 AM PDT by thoughtomator (... this has made a lot of people very angry and been widely regarded as a bad move.)

To: thoughtomator

Sorry to hear that. Is there a lawsuit you can join? I’d do it if I were affected. It’s the only thing that gets their attention.

I can only access the first page - not paying for a sub to those traitors @ WSJ.


4 posted on 08/07/2019 2:26:34 AM PDT by WWG1WWA (Brothers, what we do in life echoes in eternity." -MarcusAurelius)

To: WWG1WWA

If you put a headline into a search engine you can often easily find a version that is not behind a paywall.


5 posted on 08/07/2019 2:39:18 AM PDT by thoughtomator (... this has made a lot of people very angry and been widely regarded as a bad move.)

To: WWG1WWA
(Speaking from experience and a discussion just yesterday w/Amazon on this topic as the bank I work for is one of their Cloud's users ....)

The problem that Amazon now faces has to do with their WAF (Web Application Firewall) component that Capital One and other AWS platform clients use.

Amazon's WAF is a software-defined networking device, meaning there is no physical hardware like a traditional firewall protecting the applications behind it. It is a virtual software device. Amazon's WAF is considered to be a "maturing technology" and has a small set of use cases that would be considered appropriate.

In the Capital One breach, Amazon's WAF was protecting what is termed Critical-Sensitive data, which was not an appropriate use case for it, and Capital One should've known better.

The WAF was not configured properly either, which compounded matters.

The bank I work for considers this to be a learning opportunity (at Capital One's expense ...) and we are putting in the appropriate measures to monitor the maturity of Amazon's WAF technology while using our own technology assets to protect the data we have on Amazon's cloud.

Finally, anyone who thinks that cases like the Capital One breach will stop banks and other financial services from moving to the cloud - think again. It's a huge cost savings for banks and more often than not cloud-based services such as AWS, Azure and Google Cloud are, frankly speaking, more secure than our own systems in our own data centers.

In financial services we spend a shit ton (that's a budget planning term for us ...) to protect our systems. Payroll, Infrastructure Spending, Support/Maintenance dollars are the only budget categories that beat it. In a low-interest rate environment where automation and scale are the two primary ways to save valuable capital and expense dollars, cloud is the only real way to achieve savings anymore. Staff has been cut to the bone where I am and there's hardly anyone available to do meaningful work beyond keeping the lights on.

6 posted on 08/07/2019 3:01:16 AM PDT by usconservative (When The Ballot Box No Longer Counts, The Ammunition Box Does. (What's In Your Ammo Box?))

To: thoughtomator

TY


7 posted on 08/07/2019 3:54:41 AM PDT by WWG1WWA (Brothers, what we do in life echoes in eternity." -MarcusAurelius)

To: WWG1WWA

Why is hacking like this not made a capital offense? Pun intended.


8 posted on 08/07/2019 5:16:23 AM PDT by IAGeezer912 (One out of every 20 people on the face of the earth are Americans. We have won life's lottery.)

To: usconservative

[In a low-interest rate environment where automation and scale are the two primary ways to save valuable capital and expense dollars, cloud is the real only way to achieve savings anymore. Staff has been cut to the bone where I am and there’s hardly anyone available to do meaningful work beyond keeping the lights on. ]


The moment CEOs are held personally liable, security will improve.


9 posted on 08/07/2019 5:47:09 AM PDT by Zhang Fei (My dad had a Delta 88. That was a car. It was like driving your living room.)

To: usconservative

“more often than not cloud based services such as AWS, Azure and Google Cloud are frankly speaking, more secure than our own systems in our own data centers.”

I see this a lot. We provide fiber connections to data centers in Chicago and across the country directly to these services (AWS, Azure, O365, etc.), and one of the things we frequently encounter is customers who have no idea just exactly how their current provider gets them there. No route maps are available to them.

“How do you know your data is secure if you can’t follow it from Point A to Point Z?” Blank looks usually follow.

L


10 posted on 08/07/2019 5:54:35 AM PDT by Lurker (Peaceful coexistence with the Left is not possible. Stop pretending that it is.)

To: Lurker
Another question might also be: how do you know your provider enables encryption point to point? Because they told you they did?

Always best to encrypt your connections yourself point to point. Don't rely on the major carriers to do it for you.

We encrypt our data in transit and at rest. That's important and we're one of the few who does at rest also. It's expensive, sure. It's less expensive than a breach costing a shit ton of business and money. Even if someone were to breach our network security or get into one of our data centers and steal a disk, it's undecipherable to them without the decrypt keys.

11 posted on 08/07/2019 8:12:00 AM PDT by usconservative (When The Ballot Box No Longer Counts, The Ammunition Box Does. (What's In Your Ammo Box?))

To: usconservative

Smart move.

“Always best to encrypt your connections yourself point to point.”

Our dark fiber customers usually do that. We hand them the fiber and they do the rest. But not all businesses have the IT horsepower to do that. So we can provide end to end security if they wish.

We always use industry best practices. Shocking how many IT types don’t.

L


12 posted on 08/07/2019 9:07:46 AM PDT by Lurker (Peaceful coexistence with the Left is not possible. Stop pretending that it is.)
