DEV Community

Troy

Posted on
CapitalOne AWS breach & AWS security discussion

CapitalOne was recently the victim of a breach that may have affected about 100 million individuals in the US. This post will not go into the intent of the accused or the effect on the people whose private information was exposed, but rather into the technical aspects and how to secure your own AWS environment. If you'd like to read into it further, this document does a fair job of explaining it.

The diagram below is my understanding of how the CapitalOne S3 data was compromised. Background information about the accused states that she worked for Amazon Web Services from 2015 to 2016 in the S3 division. That time spent inside AWS may well have helped her compromise CapitalOne's environment.

[diagram: the author's understanding of how the CapitalOne S3 data was compromised]

There still seem to be unanswered questions, such as:

  • What credentials were used by the accused to assume the STS role that granted access?
  • Why wasn't AWS GuardDuty's trusted IP list being maintained?
  • Why was the assumed STS role allowed access to the S3 bucket at all? A strict bucket policy limited to an explicit list of allowed principal ARNs should have been used.

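One concrete form of the "strict bucket policy" the last question calls for, as an added example that is not part of the original post: a bucket policy with a single explicit Deny that fires for every caller whose aws:PrincipalArn is not one of the listed IAM role ARNs, plus a small evaluator that models how AWS resolves an STS assumed-role session ARN to its IAM role ARN before the comparison. The bucket name, account ID and role names are constructed placeholders, not CapitalOne's.

```python
"""Restrict an S3 bucket to an explicit list of IAM role ARNs.

Added example, not code from the original post. The bucket name, account ID
and role names are constructed placeholders.
"""
import json
import re
from fnmatch import fnmatchcase

BUCKET = "example-customer-data"                        # assumed bucket name
ALLOWED_ROLE_ARNS = [                                   # assumed role ARNs
    "arn:aws:iam::111122223333:role/app-reader",
    "arn:aws:iam::111122223333:role/break-glass-admin",
]


def build_bucket_policy(bucket, allowed_role_arns):
    """Bucket policy with one explicit Deny that applies to every principal
    whose aws:PrincipalArn is not on the allow list.

    IAM evaluates an explicit Deny ahead of any Allow, so a principal that
    holds an s3:* identity policy is still refused unless its role is listed.
    """
    return {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Sid": "DenyUnlessListedRole",
                "Effect": "Deny",
                "Principal": "*",
                "Action": "s3:*",
                "Resource": [
                    f"arn:aws:s3:::{bucket}",
                    f"arn:aws:s3:::{bucket}/*",
                ],
                "Condition": {
                    "StringNotLike": {"aws:PrincipalArn": list(allowed_role_arns)}
                },
            }
        ],
    }


POLICY = build_bucket_policy(BUCKET, ALLOWED_ROLE_ARNS)

_ASSUMED_ROLE = re.compile(r"^arn:aws:sts::(\d{12}):assumed-role/([^/]+)/.+$")


def principal_arn_for_request(caller_arn):
    """Model how AWS populates the aws:PrincipalArn condition key.

    A request signed with STS credentials identifies itself with a session
    ARN (arn:aws:sts::ACCOUNT:assumed-role/ROLE/SESSION); the condition key
    resolves to the underlying IAM role ARN, which is why the policy lists
    role ARNs rather than session ARNs. IAM users and roles pass through
    unchanged. Role paths are not modelled here.
    """
    m = _ASSUMED_ROLE.match(caller_arn)
    if m:
        account, role_name = m.groups()
        return f"arn:aws:iam::{account}:role/{role_name}"
    return caller_arn


def _matches_any(value, patterns):
    # IAM StringLike / StringNotLike use * and ? wildcards, as fnmatch does.
    return any(fnmatchcase(value, p) for p in patterns)


def is_denied(policy, caller_arn):
    """Return True if an explicit Deny statement in the policy applies to the
    caller. Only the aws:PrincipalArn conditions used above are modelled."""
    principal = principal_arn_for_request(caller_arn)
    for stmt in policy["Statement"]:
        if stmt.get("Effect") != "Deny":
            continue
        cond = stmt.get("Condition", {})
        not_like = cond.get("StringNotLike", {}).get("aws:PrincipalArn")
        like = cond.get("StringLike", {}).get("aws:PrincipalArn")
        if not_like is not None and _matches_any(principal, not_like):
            continue  # caller is on the allow list; this Deny does not apply
        if like is not None and not _matches_any(principal, like):
            continue  # caller is outside the set this Deny targets
        return True
    return False


if __name__ == "__main__":
    print(json.dumps(POLICY, indent=2))
    for arn in (
        "arn:aws:sts::111122223333:assumed-role/app-reader/i-0123456789abcdef0",
        "arn:aws:sts::111122223333:assumed-role/unrelated-ec2-role/i-0fedcba9876543210",
    ):
        print(arn, "->", "DENIED" if is_denied(POLICY, arn) else "allowed")
```

Two caveats when deploying a policy like this. The Deny with `"Principal": "*"` also hits administrators and deployment roles, so keep a break-glass admin role on the list or you will lock yourself out. And listing role ARNs only limits which principals can reach the bucket; it does not help if the stolen credentials belong to a listed role, which is why a second Deny conditioned on aws:SourceVpce (a VPC endpoint) is a common next step so that those credentials only work from inside the VPC.
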
What is your opinion on the technical aspect of the exploitation and securing an AWS environment?
