On the heels of the Equifax data breach settlement, Capital
One announced their disastrous data breach. According Capital One, the breach
took place on March 22 and 23, 2019. The hacker gained access to approximately
106 million records of personal information that included names, addresses,
dates of birth, credit scores, transaction data, social security numbers and
bank account numbers.
Capital One hosts its data on AWS servers. Because of the
breach, AWS has come under scrutiny, but upon further investigation, the breach
was caused by an open-source Web Application Firewall (WAF) misconfiguration on
Capital One’s part, not AWS. The WAF had too many permissions, therefore
allowing the hacker to trick the server with a well-known method called a
Server Side Request Forgery (SSRF) attack and gain access to the data.
SSRF is becoming a problem for organizations who host their
data on AWS. Although the underlying infrastructure of the AWS cloud server is
secure and stable, it is common for developers to build servers with outdated
practices. Therefore, the organization’s data becomes vulnerable to an SSRF
attack and other methods of compromise.
Amazon knows this very well and created the Well-Architected
Framework service for AWS customers to help them build their architecture
securely and detect common exploitation techniques. Amazon’s Well-Architected
Framework is built on the five pillars of AWS:
Operational Excellence
The operational excellence pillar includes the ability to
run and monitor systems to deliver business value and to continually improve
supporting processes and procedures.
Security
The security pillar includes the ability to protect
information, systems, and assets while delivering business value through risk
assessments and mitigation strategies.
Reliability
The reliability pillar includes the ability of a system to recover
from infrastructure or service disruptions, dynamically acquire computing
resources to meet demand, and mitigate disruptions such as misconfigurations or
transient network issues.
Performance Efficiency
The performance efficiency pillar includes the ability to
use computing resources efficiently to meet system requirements and to maintain
that efficiency as demand changes and technologies evolve.
Cost Optimization
The cost optimization pillar includes the ability to avoid
or eliminate unneeded cost or suboptimal resources.
As an AWS Partner, we perform Well-Architected reviews
for your AWS and application architecture by following the five pillars. We
look for vulnerabilities, misconfigurations and identify what needs to be
remediated. We work with you to
remediate any issues we’ve found so that you can rest knowing that your
architected solution is built solidly on the five pillars. For a limited
time, receive $5,000 in AWS credits when we do a remediation based on our
review.
An AWS Well-Architected Framework Review would have caught Capital One’s disastrous misconfiguration. No one wants to be on the homepage of a news outlet like Capital One (and Equifax) because their data was stolen. If you are an AWS customer and you have never had your application architecture inspected, it is time.
I want to learn more about the AWS Well-Architected Review.
Please select a valid form