Capital One Data Breach PPT

sakshisawants4100

Created on March 22, 2021

Presentation for case study on Capital One Data Breach

Transcript

A Case Study on

Capital One Data Breach

By

Snehal Salunke (39) | Vaishnavi Sawalkar (40) | Sakshi Sawant (41)

Department of Computer Science & Technology, Usha Mittal Institute of Technology, SNDT Women’s University

INDEX

Capital One

Data Breach

Process of Data Breach

Capital One Data Breach

Hacking

Recovery

Cost of Data Breach

Precautions

Conclusions

References

Thank you!

  • 5th largest bank in the US and 8th largest bank worldwide (2020), headquartered in McLean, Virginia
  • Approximately 50 thousand employees
  • 28.6 billion US dollars in revenue (2019)
  • Known as a technology-focused bank: 85% of its technology workforce are engineers

Data Breach

Data: facts and statistics collected together for reference or analysis.

Data breach: information is stolen or taken from a system without the knowledge or authorisation of the system’s owner. It may damage the company's reputation and the trust placed in the company. According to the study report by Interbrand and Infosys, called ‘Invisible Tech, Real Impact’, the world’s top brands might lose between $93bn and $223bn because of a data breach.

How Does a Data Breach Work?

Capital One Data Breach: Hacking major bank on public cloud services

  • 2015: Existing and new applications hosted on AWS (Amazon Web Services).
  • March to July 2019: An unauthorised user accessed data stored in an AWS S3 bucket, about 106m customer records, stored it on the GitHub account of Paige Thompson and revealed it on Slack under the username ‘erratic’.
  • 17 July 2019: Capital One noticed the data breach and handed the case to the FBI (Federal Bureau of Investigation).
  • 29 July 2019: The FBI arrested Paige A. Thompson on suspicion of downloading nearly 30 GB of Capital One's data.

Hacking:

  1. While searching for AWS instances, the attacker found an EC2 instance running a reverse proxy.
  2. Using a custom header, the attacker exploited the proxy to make a service request that enumerated an IAM role and returned its Access Key ID and Secret Access Key.
  3. The hacker thereby obtained AWS keys for the IAM role called "****-WAF-Role".
  4. The stolen AWS keys were used to list the S3 buckets that were accessible to that role.
  5. The accessible data was copied from the S3 buckets to a destination folder by executing the AWS CLI sync command.
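The sequence above (role credentials taken from an instance, then used to list and copy S3 data) is exactly what a defender wants to catch in CloudTrail. The following is an added example, not part of the original presentation: it scans constructed CloudTrail-style events and flags S3 API calls made with an instance role's session credentials from an IP address outside the addresses that role is expected to act from. The role name, account id and IP addresses are placeholders.

```python
from collections import Counter, defaultdict

# Constructed CloudTrail-style records (not real Capital One logs). The role name is a
# placeholder standing in for the "****-WAF-Role" mentioned on the slide.
def ev(time, name, ip, role="EXAMPLE-WAF-Role", session="i-0abc123"):
    return {"eventTime": time, "eventSource": "s3.amazonaws.com", "eventName": name,
            "sourceIPAddress": ip,
            "userIdentity": {"type": "AssumedRole",
                             "arn": f"arn:aws:sts::123456789012:assumed-role/{role}/{session}"}}

SAMPLE_EVENTS = [
    ev("2019-07-17T09:58:00Z", "PutObject", "203.0.113.10"),    # the instance's own activity
    ev("2019-07-17T10:00:01Z", "ListBuckets", "198.51.100.7"),  # same role, foreign address
    ev("2019-07-17T10:00:05Z", "ListObjects", "198.51.100.7"),
    ev("2019-07-17T10:00:09Z", "GetObject", "198.51.100.7"),
    ev("2019-07-17T10:00:10Z", "GetObject", "198.51.100.7"),
]

# Constructed inventory: the source addresses each instance role is expected to act from.
EXPECTED_IPS = {"EXAMPLE-WAF-Role": {"203.0.113.10"}}

def role_name(session_arn):
    """'arn:aws:sts::acct:assumed-role/<Role>/<session>' -> '<Role>'."""
    return session_arn.split("assumed-role/", 1)[1].split("/", 1)[0]

def find_suspicious_s3_use(events, expected_ips):
    """Group S3 calls by (role session, source IP) and report sessions acting from an
    address the role is not expected to use. Returns a list of finding dicts."""
    calls = defaultdict(Counter)
    for e in events:
        ident = e.get("userIdentity", {})
        if e.get("eventSource") != "s3.amazonaws.com" or ident.get("type") != "AssumedRole":
            continue
        role = role_name(ident["arn"])
        ip = e["sourceIPAddress"]
        if role in expected_ips and ip not in expected_ips[role]:
            calls[(ident["arn"], ip)][e["eventName"]] += 1
    return [{"session": arn, "role": role_name(arn), "source_ip": ip, "calls": dict(c)}
            for (arn, ip), c in calls.items()]

if __name__ == "__main__":
    for f in find_suspicious_s3_use(SAMPLE_EVENTS, EXPECTED_IPS):
        print(f"{f['role']} used from {f['source_ip']}: {f['calls']}")
```

In practice the expected-address inventory comes from the instance's Elastic IP or NAT gateway addresses, and the same grouping can be fed from CloudTrail delivered to S3 or CloudWatch Logs.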

How Did Capital One Know about the Breach?

The GitHub account name: Netcrave

Cost of Data Breach:

  • The Capital One incident affected approximately 106m people in the US and Canada.
  • The data included approximately 140,000 Social Security numbers and 80,000 bank account numbers.
  • Roughly 1m Social Insurance Numbers (SINs) of credit card customers were exposed.

Precautions

  • Misconfiguration of IAM (Identity and Access Management) in cloud storage and of the EC2 instance's role permissions should be prevented.
  • Proper access rights and role management should be assigned.
  • Use of AWS IAM user policies should be encouraged to specify which users can access specific buckets and objects.
  • Perform AWS penetration testing and S3 bucket permission checks.
  • Security controls in the cloud should be strengthened.
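The IAM and bucket-permission checks listed above can be automated against policy documents. The following is an added example, not Capital One's or AWS's own tooling: it flags Allow statements that grant bucket-listing or object-read actions on every bucket, and contrasts a constructed over-broad WAF-style role policy with a scoped one. The bucket and statement names are placeholders.

```python
import fnmatch

# S3 actions that let a stolen role credential discover and copy data; a least-privilege
# role grants them only on the specific bucket(s) it needs.
SENSITIVE_S3_ACTIONS = ["s3:ListAllMyBuckets", "s3:ListBucket", "s3:GetObject"]

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _granted(patterns, action):
    # IAM action matching is case-insensitive and supports '*' wildcards ("s3:*", "s3:Get*").
    return any(fnmatch.fnmatchcase(action.lower(), p.lower()) for p in patterns)

def _is_wildcard_resource(resource):
    return resource == "*" or resource.startswith("arn:aws:s3:::*")

def overbroad_s3_statements(policy):
    """Return Allow statements that grant sensitive S3 actions on every bucket without a
    Condition, i.e. statements that would let a leaked role key list and read any bucket."""
    findings = []
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow" or "Condition" in stmt:
            continue
        actions = _as_list(stmt.get("Action", []))
        resources = _as_list(stmt.get("Resource", []))
        granted = [a for a in SENSITIVE_S3_ACTIONS if _granted(actions, a)]
        if granted and any(_is_wildcard_resource(r) for r in resources):
            findings.append({"sid": stmt.get("Sid"), "actions": granted, "resources": resources})
    return findings

# Constructed policies (not Capital One's). The weak one resembles a WAF role that can
# reach any bucket in the account; the scoped one is limited to its own log bucket.
WEAK_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Sid": "WafAnyBucket", "Effect": "Allow", "Action": "s3:*", "Resource": "*"}]}

SCOPED_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Sid": "ListOwnBucket", "Effect": "Allow", "Action": "s3:ListBucket",
     "Resource": "arn:aws:s3:::example-waf-logs"},
    {"Sid": "RwOwnObjects", "Effect": "Allow", "Action": ["s3:GetObject", "s3:PutObject"],
     "Resource": "arn:aws:s3:::example-waf-logs/*"}]}

if __name__ == "__main__":
    for name, pol in (("weak", WEAK_POLICY), ("scoped", SCOPED_POLICY)):
        print(name, overbroad_s3_statements(pol))
```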

Precautions

  • Separate resources and do not mix private and public data within an S3 bucket.
  • Implement the WAF (Web Application Firewall) offered by Amazon, which integrates with CloudFront and blocks suspicious requests.
  • Monitor the S3 buckets with AWS Config, AWS CloudTrail and Lambda.
  • Enable email notifications from Trusted Advisor to be notified of unintended changes to bucket policies and bucket ACLs (Access Control Lists).

Conclusion

  1. Sufficient compliance controls must be put in place to identify unauthorised access and data exfiltration.
  2. A global policy for data protection needs to be established.
  3. Use and implement well-established standards, such as the NIST or ISO frameworks, in the organisation, e.g. Latin America.

References:

  • Shinde, S., 2021. Data breach could cost world's top brands up to $223 billion, finds study. [online] Business-standard.com. Available at: <https://www.business-standard.com/article/companies/loss-due-to-data-breach-could-cost-brands-93-bn-hurt-trust-study-121030900970_1.html> [Accessed 22 March 2021].
  • American Banker. 2021. Capital One to pay $80M in connection with massive data breach. [online] Available at: <https://www.americanbanker.com/news/capital-one-to-pay-80m-in-connection-with-massive-data breach#:~:text=The%20hack%20compromised%20personal%20data,were%2080%2C000%20bank%20account%20numbers.> [Accessed 22 March 2021].
  • The Verge. 2021. Capital One ordered to pay $80 million penalty for its role in a 2019 data breach. [online] Available at: <https://www.theverge.com/2020/8/8/21359761/capital-one-80-million-fine-2019-data-breach> [Accessed 22 March 2021].

THANK YOU!