AWS: SolarWinds Hackers Used Our Elastic Compute Cloud

In a report by CRN, Amazon Web Services stated that SolarWinds hackers used its Amazon Elastic Compute Cloud to carry out the attack, but the service itself was not infected with malware as the company does not use SolarWinds software. “The actors used EC2 just like they would use any server they could buy or use anywhere (on-premises or in the cloud),” said an AWS spokesperson. Several senators have alleged that AWS’ cloud hosting has been used by the hackers to hide their activities as harmless network traffic and have asked the firm to account for its role in the attack. Karl Robinson, director of Logicata, an AWS managed services provider in London, said that while AWS is responsible for making sure that its services are being used in accordance with the law and the company’s business terms, cloud service providers should also trust their customers because “it’s almost impossible for them to proactively detect and prevent every type of nefarious activity.” The company provided one update to the Senate Intelligence Committee, but the committee is still waiting for a full update on the situation, said Sen. Mark Warner, D-Va.