[AusNOG] Risks to country and business infrastructure
chad at cpkws.com.au
Thu Sep 12 17:37:21 EST 2019
Hi What I am saying is that in general you have more chance of humans being negligent and messing up security then you have of someone smuggling explosives into a Datacentre.
While the AWS security breech wasn’t entirely the companies fault it doesn’t make them look good when they have Capital one splashed all over their website as a case study of how well they are doing.
AWS really should be recommending their larger customers to go through trained partners.
CPK Web Services
Phone 03 52730246
From: Andras Toth <diosbejgli at gmail.com>
Sent: Wednesday, September 11, 2019 10:26 PM
To: Chad Kelly <chad at cpkws.com.au>
Cc: ausnog at lists.ausnog.net; ausnog-request at lists.ausnog.net
Subject: Re: [AusNOG] Risks to country and business infrastructure
The person that got access to their system was not an AWS employee when the breach happened. The person got access via a misconfigured server/system that wasn't Amazon's fault.
See the original court case for details: http://regmedia.co.uk/2019/07/29/capital_one_paige_thompson.pdf
This is the same as saying it's Amazon's fault that people make their S3 buckets public and information gets exposed.
On Wed, Sep 11, 2019 at 12:26 PM Chad Kelly <chad at cpkws.com.au<mailto:chad at cpkws.com.au>> wrote:
On 9/11/2019 12:00 PM, ausnog-request at lists.ausnog.net<mailto:ausnog-request at lists.ausnog.net> wrote:
> When someone questions whether this-or-that was predicted, this seems most
> likely to indicate either the plausibility of the threat, or which side of
> a closed door the questioner was on when the discussions were held.
I'd worry less about people placing explosives in servers and more about
making sure that proper checks are in place for the people with access
AWS is a good example of this, they really need to lift their game.
Stuff like the Capital One incident just shouldn't happen and as a
result of that I am not recommending AWS to any of our customers.
That isn't the only reason, but the fact Capital One are still with AWS
after that incident scares me a little, if I was them I would of dumped
them as a vendor immediately.
Basically Datacentres and network operators need to force all staff to
undergo regular checks particularly when dealing with sensitive info.
I also am aware that the Capital One case isn't Australian, but it is
still a good example of why providers need to keep an eye on who has
access to certain info.
CPK Web Services
Phone 03 5273 0246
AusNOG mailing list
AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the AusNOG