Page 3 - Threat Intelligence 8-7-2019
P. 3
Perspective:
State of the
Marketplace
Capital One was in the spotlight this week, but not for good reason. If
you’ve been following the recent financial news, you’ve heard about the
massive breach suffered by the financial giant at the hands of a former
Amazon S3 employee who allegedly used her knowledge of AWS to
bypass an open-source Capital One web application firewall. The breach
led to over 100 million consumer applications for credit from Capital
One to be compromised.
The initial flaw in Capital One’s defense strategy was the fact that the
firewall was not deployed to protect against the type of attack used by
the intruder. The firewall, deployed with the default configurations
designed to protect against commonly known vulnerabilities, was not
configured to protect against server side request forgery attacks.
What wasn’t known before the breach is that this type of vulnerability
could affect all organizations operating in the cloud, with major cloud
providers like Amazon doing very little to rectify the issue. Amazon’s
stance is that the breach was caused by misconfiguration of a firewall. If
this is a cloud computing issue, we hope for the sake of all organization
moving into the cloud that the finger pointing turns into actionable
changes to make the cloud a safer environment against known
vulnerabilities that could affect millions. It also serves as a lesson to
those implementing security solutions to perform their due diligence
and avoid the use of default configurations, no matter how robust they
may appear to be.
~Stay Secure
www.accumepartners.com 3
