FBI foils one-man plot to blow up Amazon data center

Posted:
in General Discussion edited April 11
A man has been charged for plotting to blow up an Amazon data center in Virginia, in what he believed was an attempt to take down "about 70% of the internet."




Announced on Friday, the Department of Justice confirmed that Seth Aaron Pendley of Wichita Falls was arrested on Thursday and charged via a criminal complaint for an attempt to destroy a building with an explosive. If convicted, Pendley faces up to 20 years in federal prison.

The man's target was an Amazon data center in Virginia, which he thought provided services to the FBI, CIA, and other federal agencies. His aim to "kill off about 70% of the internet" with the explosion, was to bring down "the oligarchy" currently in power in the United States.

According to the DoJ, a concerned citizen contacted the FBI on January 8 over statements placed on a militia organization forum. The man, going by the pseudonym "Dionysus," claimed he was planning to "conduct a little experiment" that would "draw a lot of heat" and was dangerous.

On being asked what the desired outcome of the experiment was, the account responded "death."

The FBI were provided the user's email address, linked to Pendley, and allowed the investigation to look into his Facebook account. This revealed posts where Pendley boasted about being at the U.S. Capitol on January 6.

Private messages on the account allegedly state he bragged to friends that he reached "the platform" of the Capitol building at that day, but didn't go inside. He apparently admits to taking broken glass from a window and met with police at the time, and though he brought a sawed-off AR rifle to D.C., he left it in his car.

Pendley then started to use Signal in late January to speak to an anonymous FBI source. In those messages, Pendley allegedly said he planned to use C-4 to attack data centers to damage the internet.

By March 31, he was put in touch by the source to a person said to be an explosives supplier, but in reality was an undercover FBI employee. Pendley reiterated his intention to attack web servers providing services to the government security agencies.

In a sting operation on April 8, Pendley met with the undercover employee to pick up the explosives, which were really inert and safe. Once the agent showed Pendley how to arm and detonate the non-functional devices and allowed the man to load them into his car, FBI agents moved in to arrest.

"We are indebted to the concerned citizen who came forward to report the defendant's alarming online rhetoric. In flagging his posts to the FBI, this individual may have saved the lives of a number of tech workers," said Acting U.S. Attorney Prerak Shah.

In a statement, Amazon said "We would like to thank the FBI for their work in this investigation. We take the safety and security of our staff and customer data incredibly seriously, and constantly review various vectors for any potential threats. We will continue to retain this vigilance about our employees and customers."

It is unclear exactly why Pendley said that 70% of the Internet would be killed by blowing up one Amazon data center. Like many tech companies, Amazon operates a large number of different data centers around the world, distributing and duplicating data to make it faster to serve to users wherever they are, and to mitigate any network-affecting outages.

If Pendley was successful in taking down one data center, it is highly likely that Amazon Web Services would have simply passed user requests for data to another region. Online services that rely on AWS may endure some issues for a period while changes are put in place to work via other regions, but the Internet would ultimately continue to operate relatively normally within a short period of time.

These affected online services were likely to include Apple. Alongside its own infrastructure, Apple uses AWS and other service providers, and was hit by a major outage of AWS in 2017.

Stay on top of all Apple news right from your HomePod. Say, "Hey, Siri, play AppleInsider," and you'll get latest AppleInsider Podcast. Or ask your HomePod mini for "AppleInsider Daily" instead and you'll hear a fast update direct from our news team. And, if you're interested in Apple-centric home automation, say "Hey, Siri, play HomeKit Insider," and you'll be listening to our newest specialized podcast in moments.

Comments

  • Reply 1 of 17
    GeorgeBMacGeorgeBMac Posts: 9,441member
    The data center I worked at ran critical systems for a number of Fortune 500 companies.

    It had an amazing number of innovative security features.   One that always intrigued me was that the entrance was up on a second floor and the steps to get to it were off-sized so you could walk up them, but if you tried running you fell on your face.

    it was built 40 years ago.  So most of its security was designed to prevent theft of data & equipment rather than random destruction.   I imagine data centers built more recently are even more fortified and hardened.
    watto_cobrasphericneilm
  • Reply 2 of 17
    DAalsethDAalseth Posts: 1,555member
    It's just a good thing that most of these crazies are also as dumb as a box of hammers.
    lkruppwatto_cobraMisterKitsphericJWSCtokyojimu
  • Reply 3 of 17
    hmlongcohmlongco Posts: 295member
    Not to say the man is a complete and total idiot.... but. 

    Most people have no clue as to the scale of these things. Even a given "datacenter" might be multiple 200,000 sq/ft warehouses spread across a given geographic region.

    https://www.datacenters.com/amazon-aws-data-center-locations
    watto_cobraspheric
  • Reply 4 of 17
    EsquireCatsEsquireCats Posts: 1,165member
    Just a reminder that if the leader of a country demonises the tech industry, some people will act regardless of whether or not that is a sensible or correct thing to do. 
    DAalsethGeorgeBMacleavingthebigg9secondkox2watto_cobraspheric
  • Reply 5 of 17
    KuyangkohKuyangkoh Posts: 663member
    The data center I worked at ran critical systems for a number of Fortune 500 companies.

    It had an amazing number of innovative security features.   One that always intrigued me was that the entrance was up on a second floor and the steps to get to it were off-sized so you could walk up them, but if you tried running you fell on your face.

    it was built 40 years ago.  So most of its security was designed to prevent theft of data & equipment rather than random destruction.   I imagine data centers built more recently are even more fortified and hardened.
    Well well, how come lots of personal data or even govt had been compromised by hackers? No explosives required....so where’s the FBI, CIA or IRS
    watto_cobra
  • Reply 6 of 17
    mcdavemcdave Posts: 1,632member
    Luckily, his book of matches were wet.
    watto_cobraswat671
  • Reply 7 of 17
    chasmchasm Posts: 2,365member
    At this point, the remaining Chumpsters should be considered radicalized, and potential domestic terrorists.

    I am grateful to the citizen that reported the disturbing post to the FBI, but very alarmed that the FBI is not, apparently, already monitoring  all "militia forums" and similar domestic violence groups.
    watto_cobra9secondkox2muthuk_vanalingamMisterKitGeorgeBMacsphericEsquireCats
  • Reply 8 of 17
    fastasleepfastasleep Posts: 5,396member
    Just a reminder that if the leader of a country demonises the tech industry, some people will act regardless of whether or not that is a sensible or correct thing to do. 
    Who are you referring to? He literally said he was trying to take down government, not act at its behest. 

    In recorded conversations, Mr. Pendley allegedly told the undercover he planned to attack web servers that he believed provided services to the FBI, CIA, and other federal agencies. He said he hoped to bring down “the oligarchy” currently in power in the United States.”
    watto_cobra
  • Reply 9 of 17
    Just a reminder that if the leader of a country demonises the tech industry, some people will act regardless of whether or not that is a sensible or correct thing to do. 
    Or if a leader simply calls out the tech industry for legit problems, it doesn’t give justification to vigilantes to do whatever they want in order to “remedy” the issue. Two wrongs don’t make a right. 

    Boycott, confront, protest, etc. all well and good. 

    But to go all _ _ _ and start destroying property, etc... not good, no matter what your views are. 

    Good thing this guy got caught before he could accomplish his goal. 

    Hope this same effort and treatment is given across the board for those who seek to harm others and destroy property. 
    watto_cobra
  • Reply 10 of 17
    GeorgeBMacGeorgeBMac Posts: 9,441member
    Kuyangkoh said:
    The data center I worked at ran critical systems for a number of Fortune 500 companies.

    It had an amazing number of innovative security features.   One that always intrigued me was that the entrance was up on a second floor and the steps to get to it were off-sized so you could walk up them, but if you tried running you fell on your face.

    it was built 40 years ago.  So most of its security was designed to prevent theft of data & equipment rather than random destruction.   I imagine data centers built more recently are even more fortified and hardened.
    Well well, how come lots of personal data or even govt had been compromised by hackers? No explosives required....so where’s the FBI, CIA or IRS

    Our data center was never hacked, robbed, vandalized or terrorized.

    As for "where's the FBI, CIA, or IRS":    Generally, when a company is hacked it's the company's customers rather than the company itself that suffers, so many companies simply don't put the resources into protecting themselves as they could or should.   If companies were held liable for that they might work a little harder.   As it is however, they make some token effort of offering a year of id protection -- which is really not much more than a trial offer...
  • Reply 11 of 17
    sphericspheric Posts: 2,068member
    Just a reminder that if the leader of a country demonises the tech industry, some people will act regardless of whether or not that is a sensible or correct thing to do. 
    Who are you referring to? He literally said he was trying to take down government, not act at its behest. 

    “In recorded conversations, Mr. Pendley allegedly told the undercover he planned to attack web servers that he believed provided services to the FBI, CIA, and other federal agencies. He said he hoped to bring down “the oligarchy” currently in power in the United States.”
    A huge part of the narrative driving these terrorists is that Tr*mp was never *of* the government, but was trying to clean up the “Deep State” ACTUALLY running the country (this gets an even more bizarre twist here in Europe, where the narrative only works if the “Deep State” running the United States is in fact a global conspiracy running the entire world). 
    GeorgeBMacEsquireCats
  • Reply 12 of 17
    hexclockhexclock Posts: 910member
    Just a reminder that if the leader of a country demonises the tech industry, some people will act regardless of whether or not that is a sensible or correct thing to do. 

    Hope this same effort and treatment is given across the board for those who seek to harm others and destroy property. 
    Like in Portland?
  • Reply 13 of 17
    GeorgeBMacGeorgeBMac Posts: 9,441member
    hexclock said:
    Just a reminder that if the leader of a country demonises the tech industry, some people will act regardless of whether or not that is a sensible or correct thing to do. 

    Hope this same effort and treatment is given across the board for those who seek to harm others and destroy property. 
    Like in Portland?

    Probably the Capitol
    spheric
  • Reply 14 of 17
    EsquireCatsEsquireCats Posts: 1,165member
    Just a reminder that if the leader of a country demonises the tech industry, some people will act regardless of whether or not that is a sensible or correct thing to do. 
    Who are you referring to? He literally said he was trying to take down government, not act at its behest. 

    “In recorded conversations, Mr. Pendley allegedly told the undercover he planned to attack web servers that he believed provided services to the FBI, CIA, and other federal agencies. He said he hoped to bring down “the oligarchy” currently in power in the United States.”
    Literally every group listed there has been called out repeatedly by Trump et. al. as part of the narrative of him being a victim to an unspoken conspiracy. Which also goes to explain why this is not the first foiled plan or carried attack on such infrastructure. These people didn't come from no where.
    sphericGeorgeBMac
  • Reply 15 of 17
    A friend of mine used to work for a small tech company that produced online video content in the Bay Area, and they were bought out by one of the large movie production companies. I asked him if it would be possible to get a tour of his office, because I'm really into that. He said yes, and showed me around. He then asked if I wanted to see their data center. Hell ya, I do! It was in the East Bay, and it was hosted by a large Tier 1 network provider. They had rental scans and finger print scanners just to get in the front door. Walking around inside was a complete maze of corridors, network lockers, cabling... Pretty much, it would be very easy to get lost if you didn't know where you were going. But from the outside, you would never know what was going on inside. It looked like just a generic office in the area. The only thing that might possibly give it away was the large bank of back up generators and AC units in the parking lot. But they were hidden in such a way that they looked like the garbage area. It was all "security through anonymity"- if you didn't know what it was, it would be harder to find, and you'd never know how much important internet traffic was going through it. So, I'd be surprised if this nut job would actually know where the real network nodes were, or how to access it to knock out communications. They have so many redundant systems, the backups have backups. 
  • Reply 16 of 17
    sphericspheric Posts: 2,068member
    And I presume that the backup systems for the backup systems are actually out-of-state, just in case of a regional disaster. 
    edited April 13
  • Reply 17 of 17
    GeorgeBMacGeorgeBMac Posts: 9,441member
    swat671 said:
    A friend of mine used to work for a small tech company that produced online video content in the Bay Area, and they were bought out by one of the large movie production companies. I asked him if it would be possible to get a tour of his office, because I'm really into that. He said yes, and showed me around. He then asked if I wanted to see their data center. Hell ya, I do! It was in the East Bay, and it was hosted by a large Tier 1 network provider. They had rental scans and finger print scanners just to get in the front door. Walking around inside was a complete maze of corridors, network lockers, cabling... Pretty much, it would be very easy to get lost if you didn't know where you were going. But from the outside, you would never know what was going on inside. It looked like just a generic office in the area. The only thing that might possibly give it away was the large bank of back up generators and AC units in the parking lot. But they were hidden in such a way that they looked like the garbage area. It was all "security through anonymity"- if you didn't know what it was, it would be harder to find, and you'd never know how much important internet traffic was going through it. So, I'd be surprised if this nut job would actually know where the real network nodes were, or how to access it to knock out communications. They have so many redundant systems, the backups have backups. 

    The data center I worked at did the same.   It was one of the largest in the nation -- but even though it was in a heavily populated area next to an interstate highway, nobody even knew it was there.  Just a boring grey warehouse looking thing with no identifying signs -- actually no signs at all.  Self proclaimed security experts poo-poo security through obscurity.  But, it works and is used by the real experts.   It's a variation of the WW-II mantra  "Loose Lips Sink Ships".
    edited April 13
Sign In or Register to comment.