[ad_1]
CEO of Amazon, Jeff BezosREUTERS / Clodagh Kilcoyne
- A trio of Republican congressional members of the House's oversight committee sent an open letter to Amazon CEO Jeff Bezos.
- In this paper, they expressed their concerns regarding the breach of Capital One and the underlying security of Amazon's cloud, Amazon Web Services.
- AWS is widely regarded as the favorite to win a winning contract offering cloud services to the defense department. This letter implies that this violation could harm Amazon's chances.
Three Republican members of the House of Commons Oversight Committee posed questions to Amazon's CEO, Jeff Bezos, about Amazon's cloud security, Amazon Web Services.
On Thursday, they sent a letter to Amazon expressing concerns about the violation of Capital One and the underlying security of AWS.
Amazon, with its market-leading cloud, is widely regarded as the favorite of a win-win-all deal for providing cloud services to the defense department. This contract, known as Joint Defense Infrastructure Joint (JEDI), can reach $ 10 billion over 10 years.
The lawmakers who sent the letter are Jim Jordan (R-OH); Michael Cloud (R-TX) and Mark Meadows (R-NC) were sent in response to Capital One's major hacking and the role of AWS in this hacking.
Paige Thompson, a former AWS employee, was arrested and charged with being at the origin of the attack. Capital One uses AWS in its own way. This hack affected the personal information of more than 100 million people, including some social security and bank account numbers.
AWS acknowledged in other news reports that Thompson was a former employee and that Capital One was one of his clients. But Capital One said that Amazon was not at fault and the criminal complaint seems to corroborate this badumption. The complaint indicates that the hacker discovered and used a "bad configuration" of a computer security device called firewall.
A misconfiguration is a common mistake made with software and indicates no inherent security vulnerabilities of the underlying software or hardware. This underlying infrastructure is the part provided by Amazon. Capital One even credited the cloud for helping it find and badyze hacking quickly, in 10 days.
"The services or the AWS infrastructure have not been compromised in any way, "said Business Insider a person familiar with the case.
Nevertheless, lawmakers say they want to investigate because the government is about to trust AWS with some of the country's most sensitive data.
"Since AWS will provide the reliable Internet connection and cloud support for the 2020 census and could potentially exploit the Department of Defense's Common Defense Infrastructure cloud computing system, the Committee can carefully consider the consequences of this violation." ", says the letter.
Amazon should be equipped to respond. It has already achieved a multitude of security certifications imposed by the federal government and is the cloud of choice for a number of federal agencies.
But the fact that these legislators evoked the contact of JEDI is interesting. JEDI's competitors lobbied President Trump to prevent the price from going to Amazon, the cloud's biggest competitor. Such pressure means that Microsoft has become a true contract candidate, even though Amazon would have more cloud functionality than departments are looking for at a cloud provider.
On Thursday, Trump's secretary of defense suspended the awarding of this contract so that his office could examine it personally.
Washington's anomony towards Amazon nowadays seems to be one of the few things on which both parties are in agreement. Trump has regularly met with CEO of Amazon, Jeff Bezos, also owner of the Washington Post. And the FTC started asking questions about Amazon.
Meanwhile, Democratic presidential candidates have blamed Amazon for paying no federal taxes. Some, like Elizabeth Warren, even called for the demolition of Amazon.
Source link
