
US Arrests Suspect Who Wanted To Blow Up AWS Data Center (therecord.media) 151

An anonymous reader quotes a report from The Record: The FBI arrested on Thursday a Texas man who planned to blow up one of the Amazon Web Services (AWS) data centers in an attempt to "kill off about 70% of the internet." Seth Aaron Pendley, 28, of Wichita Falls, Texas, was arraigned in front of a Texas judge today and formally indicted with a malicious attempt to destroy a building with an explosive.

The US Department of Justice said Pendley was arrested on Thursday after he tried to acquire C-4 plastic explosives from an undercover FBI employee in Fort Worth, Texas. The FBI said they learned of Pendley's plans after the suspect confided in January 2021 via Signal, an encrypted communications app, to a third-party source about plans to blow up one of Amazon's Virginia-based data centers. The source alerted the FBI and introduced the suspect to the undercover agent on March 31.
"The suspect allegedly told an FBI agent that he wanted to attack Amazon's data center because the company was providing web servers to the FBI, CIA, and other federal agencies and that he hoped to bring down 'the oligarchy' currently in power in the United States," the report says.

Pendley could face up to 20 years in federal prison if he's found guilty and convicted.

  • by h33t l4x0r ( 4107715 ) on Friday April 09, 2021 @10:35PM (#61257466)
    I mean, 10% of the internet tops.
    • Mental illness?

      Look, I might be unusual, but I think our existences of walking daze and inaction are the actual thing that's mentally ill.

      Also, any form of trigger or belief (=thought held despite lack of evidence or even existence of contradicting evidence.) aka delusion or willful ignorance.
      Including any form of irrational/exaggerated fear/anxiety. From buying a SUV or iPhone or Fixie, to glorifying the past or minimalism etc, or hating some scapegoat (fringe groups, foreigners, white men, SJWs, etc.), and s

    • by shanen ( 462549 )

      Why am I reminded of Mr Mechano in The Human Comedy by Saroyan? Still, well played, sir.

  • Pretty stupid plot (Score:5, Interesting)

    by SuperKendall ( 25149 ) on Friday April 09, 2021 @10:40PM (#61257472)

    Does this dude have any idea how big most data centers are?

    I mean, maybe the guy could have taken out several racks of highly redundant servers, and triggered the Novec dump. It would have been annoying to a few data center techs but that's about it.

    Even if you did have some magic thing that would take out a whole Amazon data center, I'd wager that every single server in the place had counterparts in other regions that would just keep humming along as if nothing had occurred.

    The only thing we really still have to worry about truly taking out the internet, is high atmosphere EMP weapons...

    • by operator_error ( 1363139 ) on Friday April 09, 2021 @10:54PM (#61257494)
      I hear you.

      For a citation as to potential damage I offer that incident at the AT&T data center in Nashville just last Christmas which took out a surprisingly large chunk of the regional internet for well over a day.

      https://en.wikipedia.org/wiki/... [wikipedia.org]
      • by dgatwood ( 11270 )

        For a citation as to potential damage I offer that incident at the AT&T data center in Nashville just last Christmas which took out a surprisingly large chunk of the regional internet for well over a day.

        My route from northwest Tennessee to east TN went through California for a day, so yes, it was pretty rough (but functional). That said, it would take a lot more than taking out any single data center — even a major backbone DC — to kill 70% of the Internet. Heck, even nuking the entire United States would only shut down about 39.7% of the Internet, give or take.

        • Heck, even nuking the entire United States would only shut down about 39.7% of the Internet, give or take.

          Would it rid us of Facebook and the invasive grasp of Google in the process?

          Asking for a friend.

        • It's happened. I was working on 9/11, and the attack effectively took out a chunk of east coast network infrastructure.

          • I doubt the attack did that, more than likely the RESPONSE to the attack did that.
            • There was loss of power to a major part of New York City, including data centers in the financial district. The towers themselves hosted critical microwave links for data throughout NYC. Various fibers were cut, and repeaters in various networks lost power over the next few days as battery backups were used up and fuel for backup generators was reserved for critical rescue and infrastructure use. Even the dust in the air, clogging vents and reducing air circulation, was an issue.

              https://www.datacenterknowle [datacenterknowledge.com]

              • Fair point, I suppose the idea of something like 9/11 happening was never considered (and for good reason) so they never really factored that into disaster recovery plans or the possible repercussions.
                • Various telecom providers are used to dealing with earthquakes, tornadoes, and very occasionally volcanoes. Various companies got creative about routing around the gaps, and supporting each other in the crisis. A number of high tech companies providing critical Internet infrastructure lost their leadership that day, including Akamai's CEO who had _invented_ their service with his PhD thesis.

      • by hey! ( 33014 ) on Saturday April 10, 2021 @12:03AM (#61257594) Homepage Journal

        The Nashville bomber obviously put a lot of effort into scaling his explosion. He basically built an RV-sized bomb.

        If you get enough C4 you can make an impressive explosion. The Khobar Towers bombing was *thousands of pounds* of C4 built into a truck bomb and ripped the facade off an 8 story building. But even though that left a crater 85 feet across and 35 feet deep, it wouldn't necessarily have taken out a major data center, which would have redundant power and data leads coming from different directions. The energy of a bomb is dissipated in 3 dimensions; so to double the radius of destruction you've got to cube the size of the bomb -- roughly speaking.

        The Nashville bomber made his bomb really big. And he got lucky; likely a "golden BB" effect. There's no way anything you could lug around in a box is going to take out a major data center.

        • Well there is this [wikipedia.org]. If you could get one inside I am pretty sure it would take out the data centre.

          • by hey! ( 33014 )

            You can try it out by using the Wikileaks map of Amazon Data Centers [wikileaks.org] with NukeMap [nuclearsecrecy.com]. Or you could try it out with this sucker [goo.gl] -- you can just barely fit the entire thing in the "moderate damage" zone.

            • With the 1kT warhead it seems to easily fit the entire data centre into the direct blast radius. Were you trying with the 0.072kT artillery shell? Think this is totally beside the point though, since a) attacking one AWS data centre is pointless and b) probably the EMP effect is more important for a data centre. Makes more sense to use a large device in space above Virginia, which would then probably be a Russian or Chinese attack and seems far beyond what you could fit in the back of a pick up truck.

        • by jabuzz ( 182671 )

          Nope I can take out a data centre with very small amounts of explosive. You just need to be careful in what you target. So first off some shaped charges to fell several of the overhead pylons feeding power to the centre, then take out the generators and possibly the transformers. No power and the data centre might as well not exist. Other things to target would be the fibre optic links into the data centre, because no connection to the internet and again the data centre might as well not exist.

          Fortunately te

          • But that requires access to the data center, these guys are trying to blow them up from the outside.
          • by hey! ( 33014 )

            You're assuming there's a single power grid connection to the data center. Actually for the big ones they have multiple connections to different parts of the grid and coming in from different directions. Each is backed up with its own generators in parallel and then distributed throughout the building to dual corded servers. The Achilles heel for any grid supply is likely wherever the switchover from grid to backup generator occurs, but you'll need to take out at least two of them to take out *any* servers

            • Microsoft one has their own substation

              https://www.google.com/maps/@4... [google.com]

              • by hey! ( 33014 )

                Notice they have two different grid feeds coming in. However the utility poles supporting the connection aren't even fenced off. That seems like an oversight.

            • by jabuzz ( 182671 )

              No I am not assuming a single anything. I am assuming you deliberately take them all out in quick succession at once. So take out all the incoming power, and then take out the generators too, boom data centre might as well not exist. In fact take out the incoming power properly (aka so it won't be restored anytime soon) and the generators won't be enough to sustain the data centre in the long term. They are just not designed to power a data centre for weeks on end.

              You don't need a major truck bomb either, mo

              • by hey! ( 33014 )

                The Amazon data centers in Northern Virginia don't seem to be fed by overhead power or data lines, for example this one. If you do a street view, the physical security seems pretty formidable too. You're going to need the city engineering documents and a large enough bomb to blow a substantial crater in the street -- assuming that all the underground utilities are laid through a single tunnel.

                Or take a look at this behemoth [goo.gl], which houses AWS. Exactly where you place your hand carried bomb to take this th

          • One well aimed MOAB will do the job first time. Obviously. Go big or go home. You fuckers can go home.
    • by hey! ( 33014 )

      At least from what I've read he had pictures of the site he was attacking, so he knew it was huge. And the package of "C4" he received was small enough in volume for him to carry to his car.

      Putting two and two together here, it looks like thinking things through is not this guy's strong suit.

    • taking out an entire datacentre would not be particularly hard at all. Just don't expect it to have a lot of effect.
    • Yeah, a bit of hyperbole from the article and dreaming from the suspect. Virginia is us-east-1 in Amazon - one of at least 20 regions now. Within us-east-1 there's 6 or 7 availability zones. Each zone would be more than one DC. Even if he managed to completely level one DC, it would be somewhere in the noise level of the amazon capacity loss, let alone the entire internet.

    • In Australia, the Chinese simply bought the Datacentre. For some reason it will take the .au govt some 5 years to move off the formerly approved high security datacentre. So what he should have done is print some big red 'CCP Approved Datacentre' self adhesive stickers over the place, take some pictures, and let social media do its thing. Then go to the comms racks and plant some 'Russian Federation Approved' seals on the bottom of equipment where it is not visible, and will be only spotted on the d
    • You should be able to knock out the DC if you target just the right place - there should be a single room where all the power is managed, switching between the grid connection and backup generators. That would certainly inconvenience Amazon greatly, as the whole DC would be out of action for days. But knowing where to hit would need inside knowledge, and you'd need to get your bomb into the room as well. Such an attack could only be pulled off by someone who actually works there.

      • Or the fiber optic core. They're supposed to be high availability and have distinct feeds, but they are very likely to have a single point of failure, especially if there is a "Room 641a". That was the fiber optic tapping room for the NSA in an AT&T facility, publicly exposed in 2006.

        • Hi, I just wanna walk into your datacore with this suitcase. No, you can't search it.

          • by jabuzz ( 182671 )

            The fibre connection for the datacentre is by definition not *IN* the datacentre. Even if it's diverse you can still take them all out. Hell you don't even need a bomb, just plan it correctly put some cones and lights up, get your backhoe out and boom.

            • A competently designed, high-availability data core has multiple fiber-optic feeds from multiple providers, entering the room via multiple conduits. Given some blueprint and network blueprint access, I might look for locations where many if not all the fiber optic connections were in one small area.

          • Rent some rack space in the datacenter and the staff will let you walk in without searching you.

    • by BAReFO0t ( 6240524 ) on Saturday April 10, 2021 @07:41AM (#61258134)

      Fun story from 80s/90s Spain:

      For dictatorship reasons, the entire telephone network was centralized to four large switches, comparable to large advertising columns. One for each quarter of the country.

      Some cheeky bastards got in, and hacked down three of them with axes, before getting caught. Three thirds of the country were offline. For quite some time.

      Also, in the late 90s, their local Internet boxes at the side of the road had a lock that you could buy at the hardware store, and a serial port inside. And enough space to lock your laptop in with it so you could be somewhere else while it could run through all the combinations of the way too short terminal password. ;)

    • Does this dude have any idea

      No. In general. We don't even need to read to the end of the sentence. Size of data centres, buying C4, Amazon's importance to the internet, the concept of geographical redundancy, the idea that taking down Amazon will knock the FBI/CIA offline, or the idea that this will in any way disrupt the power balance in the USA. The guy doesn't know shit about dick.

    • Perhaps he figured that by damaging the diesel backup gen, that would start a fire. And the poorly designed suppression system would finish the job by flooding the data center with water.

    • Comment removed based on user account deletion
    • high atmosphere EMP weapons

      The square of R disagrees with this as an enhanced threat.

    • Manufactured crime? The FBI has a reputation for finding mentally challenged people, and setting them up to commit crimes. Makes for good headlines and probably lots of internal kudos. Never mind that these people would never have managed to do anything without FBI help.
  • by Anonymous Coward

    Finally, we've got him!

  • that might have cut down the spam Amazon sends out for a few days.

    Oh well, I guess iptables won't get to take the weekend off.

    • by Tablizer ( 95088 )

      Lucky for you the FBI's nutcase database is full.

      • by Indy1 ( 99447 )

        Well their 8 bit database probably crashed again. And according to the Feds, everyone who doesn't worship big government is a "nutcase".

  • that we learned after Pearl Harbor not to put all our eggs in one basket.

  • Theoretical maximum sentences are like theoretical maximum floating point performance. They only happen when a bunch of unlikely things coincide.

    He'll get a recommended sentence from a system of points and tables. If he's a first offender, takes responsibility, and has the brains to take the plea deal, it's going to be *way* less than 20 years.

  • Remind me how many people have been arrested for paying ransomware blackmail fees in the US? for data lacking a viable backup? I believe that number is ZERO. Turning a blind eye here, is much more damaging than mentally ill shitheads. If you want to sabotage real US industry he should have been working for the big 4 consulting firms that say put everything in the cloud, then sack all IT admins who are really sand-shoe SJW banana eaters.
    • A blind eye?

      Sorry, but I gotta tell you: It's not the cop propaganda shows on television. The vast majority of crimes are never caught or even resolved in any way.

  • But there's so much of it going around, I'm not even going to bother looking into it.
  • by bobstreo ( 1320787 ) on Saturday April 10, 2021 @01:54AM (#61257720)

    Idiots "digging" in the wrong place have wreaked more havoc on the Internet, electrical backbone and natural gas pipelines than almost any "terrorist" infrastructure attacks.

  • We just don't actually plan it or go through with it. We add IP ranges to our firewalls.

  • by skoskav ( 1551805 ) on Saturday April 10, 2021 @03:17AM (#61257806)
    AWS has triple redundancy in its regions. Even if the nutter could have taken out the us-east1a data center, the 1b and 2c data centers in the same region would keep on serving, as they're separated by up to 100 kilometers [amazon.com] from each other.
    • People don't _install_ redundant databases or servers on the distinct VLAN's for the distinct data centers. It's why us-east1a is so overpopulated.

      • by Cyberax ( 705495 )
        There's no single "us-east-1a". Each customer gets its own mapping between letters ('us-east-1a', 'us-east-1b', ...) and actual availability zones. This is exactly done to make sure that one AZ doesn't get too large. BTW, internally Amazon uses airport codes for the datacenters.
        • "I" am not the one who claimed that us-east-1a, us-east-1b, etc. represent physically distinct data centers, that was skoskav. I merely observed that people don't take advantage of it. Whether us-east-1a is split on the back end, people use it by default and tend to overwhelm it in their own configurations because it's the first listed us-east "region". They also tend not to use genuine high availability setups, relying on manual switchovers or poorly designed "consensus" clusters that send all traffic to th

        • Thanks for the correction. I did not know this.
      • by nzkbuk ( 773506 )
        Apart from the fact that US-East-1 has 6 or 7 Availability Zones, the reason US-East-1a is over populated is because most "People" using it are:
        a) Running a small pet project that no one cares about
        b) Clueless in how to make use of cloud systems and have no place in IT.
        AWS make it VERY simple to allow a DB to fail over from one AZ to another. Most people will just default to AZ-a. As for the servers, vlans etc. Any company with even a half compentant person running their IT will be using ASG's and loadb
        • As cyberax noted [slashdot.org], the letters in AWS availability zones have different mappings for each account. Your us-east-1a might actually be my us-east-1b. AWS does this to avoid the exact problem that you're suggesting, that most people will pick us-east-1a over -1b or -1c because they're lazy, uninformed, or don't care, and then AWS ends up with 80% utilization in 1a, 15% in 1b, and 5% in 1c.

        • > Any company with even a half compentant person running their IT will be using ASG's and loadbalancers

          And an "infinate" budget for their "compentant" personnel. They'll also have software that isn't confused by X-Forwarded-For, proprietary databases that multi-host without split brain, and auto-scaling groups don't get taken down _more_ frequently and can have members easily synchronized when they spin up.

          Most small companies, or small projects in big companies, don't have that kind of budget. Many run
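
Added example, not part of the original thread: the per-account mapping of availability-zone letters described in the comments above means a redundancy audit has to compare zone IDs, not zone names. The sketch below uses constructed data shaped like the `ZoneName`/`ZoneId` fields that `aws ec2 describe-availability-zones` returns; the account names, services and name-to-ID pairings are invented for illustration.

```python
from collections import defaultdict

# Constructed sample: per-account zone listings (only ZoneName and ZoneId kept).
# The pairings are invented; real ones come from describe-availability-zones.
ACCOUNT_ZONES = {
    "acct-A": [
        {"ZoneName": "us-east-1a", "ZoneId": "use1-az4"},
        {"ZoneName": "us-east-1b", "ZoneId": "use1-az6"},
        {"ZoneName": "us-east-1c", "ZoneId": "use1-az1"},
    ],
    "acct-B": [
        {"ZoneName": "us-east-1a", "ZoneId": "use1-az6"},
        {"ZoneName": "us-east-1b", "ZoneId": "use1-az1"},
        {"ZoneName": "us-east-1c", "ZoneId": "use1-az4"},
    ],
}

# Constructed inventory: one (service, account, zone name) tuple per replica.
INVENTORY = [
    ("billing-db", "acct-A", "us-east-1b"),
    ("billing-db", "acct-B", "us-east-1a"),  # different letter, same zone ID
    ("web", "acct-A", "us-east-1a"),
    ("web", "acct-A", "us-east-1c"),
    ("cache", "acct-A", "us-east-1a"),
    ("cache", "acct-B", "us-east-1a"),       # same letter, different zone ID
]


def zone_id_lookup(account_zones):
    """Build {(account, zone name): zone ID} from the per-account listings."""
    return {
        (account, zone["ZoneName"]): zone["ZoneId"]
        for account, zones in account_zones.items()
        for zone in zones
    }


def placement(inventory, account_zones=None):
    """Return {service: set of zones}.

    With account_zones the zones are account-independent zone IDs;
    without it they are the raw per-account zone names (the naive view).
    """
    lookup = zone_id_lookup(account_zones) if account_zones else None
    result = defaultdict(set)
    for service, account, zone_name in inventory:
        if lookup is None:
            result[service].add(zone_name)
            continue
        key = (account, zone_name)
        if key not in lookup:
            # Fail closed: an unmapped zone must not count as redundancy.
            raise KeyError(f"no zone ID known for {zone_name} in {account}")
        result[service].add(lookup[key])
    return dict(result)


def single_zone_services(inventory, account_zones=None):
    """Services whose replicas all land in one zone under the chosen view."""
    zones = placement(inventory, account_zones)
    return sorted(svc for svc, seen in zones.items() if len(seen) < 2)


if __name__ == "__main__":
    print("flagged by zone name:", single_zone_services(INVENTORY))
    print("flagged by zone ID:  ", single_zone_services(INVENTORY, ACCOUNT_ZONES))
```

Comparing by name flags `cache`, which is actually spread across two zones, and misses `billing-db`, whose two replicas share one.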

  • The data center probably has the actual telecom fiber cables coming in in a limited number of places (probably just 1), and going to racks of high end switches.

    A small bomb there, or on the power panel for that region of the data center, would take it offline.

    Like everyone else points out, it wouldn't affect any data that is geographically available in more than 1 facility. Customers using specific leased machines might get annoyed when their sessions terminate and they might lose access to their most rece

  • by turbidostato ( 878842 ) on Saturday April 10, 2021 @03:47AM (#61257824)

    So this guy is a lunatic with obviously a CI in the low side of double digits.

    But then, it was because the FBI was selling C4 that he was arrested.

    It was not only that FBI was selling C4 but that FBI was marketing itself as a C4 vendor successfully enough as for this guy to choose it as his provider so chances are this guy came with the idea of "hey! let's buy some C4 to blow up a datacenter" *because* the FBI makes it look like buying C4 out of the Internet is a doable thing. Conversely, if FBI wasn't selling C4 this guy may have not this idea and would never try to attack a datacenter, not with C4, at least.

    What's your opinion, USA guys, about the fact that your own government is one of the most successful actors in promoting in-land terrorism?

    • by Cederic ( 9623 )

      Any five man terror cell in the US contains one member of the FBI, one from the DEA, one from ICE, one from ATF and the one that wanted to get out of the house from time to time, enjoy a barbecue with the lads and is confused about why he was arrested.

      This guy however wanted to attack the data centre before the FBI got involved. It's how they found him. For once you can avoid the attack on them.

    • So this guy is a lunatic with obviously a CI in the low side of double digits.

      But then, it was because the FBI was selling C4 that he was arrested.

      It was not only that FBI was selling C4 but that FBI was marketing itself as a C4 vendor successfully enough as for this guy to choose it as his provider so chances are this guy came with the idea of "hey! let's buy some C4 to blow up a datacenter" *because* the FBI makes it look like buying C4 out of the Internet is a doable thing. Conversely, if FBI wasn't selling C4 this guy may have not this idea and would never try to attack a datacenter, not with C4, at least.

      What's your opinion, USA guys, about the fact that your own government is one of the most successful actors in promoting in-land terrorism?

      I'd say thwart rather than promote. Once they were told about the guy's plan they investigated to see if he was serious or just another internet idiot, and that often involves pretending to supply weapons. Had he said at the start, "hey, I'm not serious," it would never have gotten much further than him being part of a database. Until they establish he is not serious they need to follow up to ensure he doesn't try to attack and/or isn't part of a larger conspiracy.

    • by Ichijo ( 607641 )

      It's kind of like the way cities in the USA promote intoxicated driving by requiring bars to provide cheap, abundant parking!

    • The FBI does this a lot and I'm happy they are catching these dim witted terrorists. Yeah there's a good chance this guy could have fizzled out because he couldn't obtain explosives. But then again the Oklahoma City bombing was done with fertilizer and diesel fuel... Maybe the real lesson here is potential terrorists talk too much?

  • Sell 'em Microsoft products, Way more destructive than any explosives ever could be.
  • are really putting bad guys away or just big mouths who had no real possibility of putting anything working together.
    So the FBI steps in provides xyz enabling everything and "bang the FBI victim convicts themselves.
    • If people are that dumb then I don't feel bad for them. Like when someone tries to hire a hitman and it's an undercover cop 100% of the time.

  • It's Amazon. What more reason does anyone need? ;)
