Developers and IT decision-makers should not be surprised by the recent Capital One data breach: Misconfigurations have long been the top cloud security concern. A new StackRox survey of IT decision-makers supports this finding as 60% of respondents are more worried about misconfigurations or exposures, as compared to attacks and generic vulnerabilities.
While details of the Capital One data breach are still coming to light, Security Boulevard explains that the attacker most likely identified a misconfigured firewall and pulled the IAM (identity and access management) credentials associated with the WAF (web application firewall) role. Then, those credentials were used to access to Amazon Simple Storage Service (S3) buckets where the stolen files were located.
You can bet security vendors will cite this incident to support the need for their products. Don’t let their spin fool you. Some, if not all, of the files were encrypted, so lax “data security” was not the culprit. Despite the suspect/hacker previously working for AWS, the breach is not an example of an internal threat that Data Loss Protection (DLP) solutions would address.
The complete article can be found here.
