At the recent AWS re:Inforce security conference, executives highlighted Amazon’s strong security culture, developed over many years with consistent focus and investments. Amazon’s decision to build its own identity system, Midway, proved to be crucial during the SolarWinds attack of December 2020, which exploited weaknesses in Microsoft’s Active Directory and Azure environments.
The SolarWinds attack, attributed to Russia’s APT29 group, used Golden SAML, a technique that forges SAML authentication responses signed with a stolen AD FS token-signing key, to gain administrative access to compromised networks and breach over 100 downstream organizations, including US federal agencies. Microsoft was warned about the risks of Golden SAML as early as 2017, but dismissed the threat until after the SolarWinds incident. Former employee Andrew Harris criticized Microsoft for not taking action sooner and for failing to inform customers about the risks posed to AD FS.
Amazon’s migration to Midway, its own IAM system, proved to be a wise decision, as it enabled the company to proactively protect its infrastructure and avoid security incidents that have affected other cloud providers. AWS officials emphasized the importance of their security culture in making this decision and staying ahead of potential threats.
Reflecting on the SolarWinds attack, Amazon’s VP of Security Engineering, CJ Moses, credited the company’s early investment in building Midway as a key factor in preventing similar breaches. He described preparation and a continuous focus on security as crucial in the ever-evolving threat landscape that cloud providers face, and stressed the need for vigilance and readiness to address potential security risks before they lead to a breach.
In conclusion, Amazon’s strategic decision to invest in building its own identity system, Midway, paid off by providing the company with the flexibility and control needed to safeguard its infrastructure. The SolarWinds attack served as a wake-up call for the industry, highlighting the importance of proactive security measures and a strong security culture to mitigate risks and protect sensitive data from cyber threats.
Article Source
https://www.techtarget.com/searchsecurity/news/366589442/How-Amazons-decision-to-ditch-Microsoft-Active-Directory-paid-off