ipl-logo

Capital One Essay

2069 Words9 Pages

Security Research:
Capital One : Server-Side Request Forgery Attack (2019)
Belga, Kenneth James B., Cabais, Anton Caesar, Corda, Joshua B.
Bachelor of Science in Computer Science 3B

I. INTRODUCTION
Capital One Financial Corporation is a diversified bank founded by Richard Fairbank, an American billionaire and businessman. Mr. Fairbank started Capital One as a start-up company and has grown it to be one of the ten largest banks in America. The bank company is also considered to be a Fortune 500 company, one of the largest companies in all of the United States of America.
Capital One offers a broad array of financial products and services to consumers, commercial clients, and small businesses. Just like any other bank, the company also provides …show more content…

AWS is a platform that provides cost-effective and scalable cloud-computing solutions. The platform provides virtual machines that customers and companies can use to store data, run internal applications, and web servers. With this, the said bank company is now able to manage data at a larger scale and provide enhanced customer experiences with the help of machine learning.
Amazon Web Services (AWS) was made to help customers build secure, high performing, efficient, and resilient infrastructure for their applications. With AWS, customers are able to control where to store their data, who can access it, and what the organization is using at the given moment. Amazon also employs world-class security experts that monitor the infrastructure (AWS) and maintains a broad selection of innovative security systems.
Currently, Capital One Financial Corporation has over 43 million accounts active. During the final quarter of 2022, the company recorded a 12.73% increase in assets and totalled to be $455.25 billion. With the mentioned amount of assets, the bank company cannot go unprotected from threats and risk of a security …show more content…

Thompson also had an account on GitHub, a software development site, where she posted some of the information she obtained from the intrusion. The page included her full name, which confirmed her identity. Additionally, one of Thompson's Slack posts mentioned a veterinarian's receipt for one of her pets, confirming that she was a pet owner.
During the closing argument of Andrew Friedman, an assistant U.S. attorney, he stated that Thompson's motivation was to steal data, money, and to brag. The US Justice Department also stated that Thompson had no plans to alert Capital One of its security problems and that she bragged to her online friends about the vulnerabilities she uncovered from the attack. In addition to hacking Capital One's data, Thompson also planted a software on the company's server, stealing its computing power to mine cryptocurrency, according to the Justice

Open Document