How Paige Thompson Hacked the Capital One Firewall
The 2019 Capital One hack was committed by a transgender person going by the name Paige Thompson. Paige essentially committed the hack and bragged about it on social media in order get attention from others. This crime could be labeled a cry for help, as Paige was suffering from mental health issues as well. Paige was being held in the men’s detention center prior to trial but was released on grounds that the judge feared the defendant might self-harm himself due to inadequate mental health treatment in the facility (Stone, 2019). The trial for Paige is currently set for November 4th, 2020 (US Department of Justice, 2020).
While the actor’s motives and objectives have not been argued in the court of law, they can be fairly accurately surmised from news articles on the case. Thompson had worked for Amazon Web Services, which hosted the data for Capital One. Thompson exploited a misconfigured firewall on the servers and in doing so was able to obtain privilege escalation (Krebs, 2019). He did this by creating a program that would scan the web applications of all clients of AWS, searching in particular for that specific firewall misconfiguration. Once it was found for Capital One, Paige then set about downloading reams of data. All in all, approximately 100 million customers of Capital One had their data compromised by the hack. The only reason the hack was known about, however, was because the hacker posted his doings on GitHub, the programmer code-sharing social media site. Thompson obviously wanted to win the attention of other programmers, coders and hackers. But when a user on GitHub contacted Capital One about the possibility of a hack, based on the information posted by Thompson, Capital One reached out to the FBI. The FBI then traced the postings on GitHub back to Paige Thompson and an arrest was made (Krebs, 2019).
Based on that information, it is apparent that Thompson knew about the misconfigured firewall from time spent at AWS, and he used that knowledge to exploit the firewalls of clients and gain access to their data. That Thompson never actually used the information in a ransomware attack or to hold data hostage shows that the crime was never for personal gain but rather solely for attention. Considering Thompson’s other unusual posts and gender dysphoria, it is likely that this was a cry for help.
Thompson used knowledge from working at AWS to attack the systems of AWS, which is an ethics violation first of all. Thompson then wrote a script to scan the web applications. Though this is normal operating procedure for hackers, it is not something that most people would do unless they had criminal intent. Normally, however, hackers do this to gain financially. Thompson did not, which raises the likelihood of this being a mental health issue more than a criminal justice issue. While his strategy was successful because he had insider knowledge on AWS programming, his actions are what led to his being caught by federal agents. The need to show off and boast about what he had done led the authorities right to him. Typically, hackers try to remain anonymous...…health issues used programming to vent his frustration and draw attention for himself in what was a cry for help. The data was not used for exploitative purposes. The system configuration flaw was addressed and it overall highlights the need for companies to conduct better security reviews of their digital systems. Capital One has been sued, however, by the same company that went after Yahoo! and Equifax after their respective data breaches. As Equifax settled out of court with for $700 million and Yahoo! for $117 million, it is likely that Capital One would also settle for an amount somewhere between those two, based on the number of people impacted (Dellinger, 2019). Thus, the reality is that hacks of this nature may seem like no big concern but they can be immensely costly down the line. Thus, it is worth investing in security risk mitigation protocols.
In conclusion, the 2019 hacking of Capital One was an isolated incident in which a disgruntled programmer from AWS was seeking attention as a way to deal with mental health issues. Capital One was not targeted specifically; it was simply the company found to have an exploitable firewall weakness after Thompson wrote a script to scan AWS client web applications or a way in. The weakness could have been prevented had it been known about by Capital One’s data security team, but there was clearly a disconnect between the reality of the firewall and the team’s understanding. This is why communication between hosting providers like AWS and its clients’ security teams is important and should be conducted with more frequency.
References
Dellinger,…
References
Dellinger, A. J. (2019). Capital One Hit With Class-Action Lawsuit Following Massive Data Breach. Retrieved from https://www.forbes.com/sites/ajdellinger/2019/07/30/capital-one-hit-with-class-action-lawsuit-following-massive-data-breach/#4689f6226b1a
Krebs, O. S. (2019). Capital One data theft. Retrieved from https://krebsonsecurity.com/2019/07/capital-one-data-theft-impacts-106m-people/
Stone, J. (2019). Alleged Capital One hacker Paige Thompson to be released before trial. Retrieved from https://www.cyberscoop.com/capital-one-hacker-free-trial-paige-thompson/
US Department of Justice. (2020). US v. Paige Thompson. Retrieved from https://www.justice.gov/usao-wdwa/united-states-v-paige-thompson
White House Information Security Breach Russian hackers blamed for cyber attack that exposed President's private schedule - as White House insists computer system is secure-by Daily Mail The article is a of the six months investigations that were commenced on the cause and source of the cyber attack and information security breach that took place in October 2014 within the State Department and exposed some of the restricted information within the White
Cyberattacks to Achieve International Threats Cyberattacks have become a global phenomenon leading to international conflicts among individuals, organizations and in conjunction to military operations. Target of cyberattacks include banking services, critical organizational infrastructures, government networks, and media outlets. Implication of such attacks may be an attempt to achieve both financial and political objectives. Typically, some attackers have defaced websites of different organizations, damage corporate infrastructures, and shut down network systems.
All of those sites were U.S. government sites. The July 6 update increased the number to 21 U.S. sites. On July 7, the South Korean sites were added and on July 8, the total number of sites reached 26 ("No Sign of N. Korea Backing," 2009) The U.S. Websites were back up and running within a day of the attack. The South Korean sites took more time to recover ("Cyberattacks
victims of an organization's data breach? The largest data brokers, government agencies, retailers, Internet businesses, financial institutions and educational institutions of the nation have disclosed a number of computer intrusions and data breaches. A data breach can take place in case of theft or loss of, or some kind of illegal access to the data that contains sensitive information which is personal and can compromise the integrity or confidentiality of
Heartland Data breach may well have been one of the biggest security breaches ever perpetrated. Heartland Payment Systems, Inc. (HPS) provides debit, prepaid, and credit card processing, online payments, check processing, payroll services as well as business solutions for small to mid-sized industries. Approximately, 40% of its clients are restaurants. HPS is the fifth largest credit card processor in the United States and the 9th largest in the world. The breach
In this Facebook data breach essay, we discuss how Facebook allowed applications to mine user data. The essay will explain what data was breached, how it was breached, and how that data was used. Furthermore, the essay will also discuss the repercussions of the breach, including Facebook founder Mark Zuckerberg’s hearing in front of the United States Senate, issues involving Cambridge Analytical, and information that is being revealed about additional
Our semester plans gives you unlimited, unrestricted access to our entire library of resources —writing tools, guides, example essays, tutorials, class notes, and more.
Get Started Now