Cybercrime , Fraud Management & Cybercrime , Next-Generation Technologies & Secure Development

Texas Man Charged With Planning to Bomb AWS Data Center

DOJ: Suspect Believed He Could Disrupt 70% of Internet Traffic
Texas Man Charged With Planning to Bomb AWS Data Center

A 28-year-old Texas man is facing a federal charge after he allegedly tried to buy explosives from an undercover FBI agent to bomb an Amazon Web Services data center in Virginia, according to the Justice Department.

Seth Aaron Pendley of Wichita Falls faces a felony charge of malicious attempt to destroy a building with an explosive. The charge carries a maximum 20-year federal prison term. The FBI arrested him Thursday, and he remains in custody. A public defender for Pendley has not been assigned yet and no plea has been entered, according to the court case file.

See Also: Panel Discussion | MITRE ATT&CK Framework: Seeing Through the Eyes of Your Attacker

Tracking Communications

In January, Pendley allegedly started using Signal, an encrypted messaging app, to communicate with another person about a plan to use C-4 plastic explosives to bomb a tech company's data center in Virginia with the intention to "kill off about 70% of the internet," according to court documents.

Although statements from the FBI and Justice Department do not name the technology company that owns the data center Pendley allegedly wanted to bomb, court documents from the case reveal it was an Amazon Web Services facility in Ashburn, Virginia.

The person that Pendley was speaking to over Signal was a confidential source for the FBI. In March, the confidential source introduced Pendley to an undercover agent who posed as an explosives supplier and claimed he could supply plastic explosives and demonstrate how to arm the devices, prosecutors say.

When Pendley met with the undercover agent posing as the supplier on Thursday and was given fake explosives, he was arrested and charged, the DOJ reports.

On Monday, an AWS spokesperson thanked law enforcement officials for making the arrest. "We take the safety and security of our staff and customer data incredibly seriously, and constantly review various vectors for any potential threats. We will continue to retain this vigilance about our employees and customers," the AWS spokesperson said.

Capitol Connection?

The FBI first became aware of the alleged plot to target the AWS data center in January, when another confidential informant alerted the bureau about a series of conversations happening on MyMilitia.com, a forum dedicated to organizing militia groups, according to the Justice Department.

Many of these conversations started on Jan. 8 - two days after a mob attacked the U.S. Capitol, which resulted in several deaths. The FBI has made hundreds of arrests of those who entered the Capitol building and assaulted police (see: FBI: Disinformation Campaigns Seek to Exploit Capitol Siege).

When investigating the MyMilitia.com website in January, the FBI was tipped off to a user who went by the name "Dionysus" and claimed he was thinking about conducting "a little experiment" that he said would "draw a lot of heat," according to court documents.

Later, the FBI obtained access to the Gmail account belonging to Dionysus, which prosecutors say is the online name that Pendley used. Agents also reviewed private Facebook messages in which Pendley claimed to have attended the Jan. 6 rally that preceded the riot. Pendley said that he made it to the Capital "platform," where he swiped a piece of glass from a broken window, according to the Justice Department and court documents.

In later conversations just before his arrest on Thursday, Pendley allegedly told one of the confidential informants that "he planned to attack web servers that he believed provided services to the FBI, CIA and other federal agencies. He said he hoped to bring down 'the oligarchy' currently in power in the United States," according to the Justice Department.

AWS has a relationship with the CIA that dates to 2013, including supplying the spy agency with cloud computing and other infrastructure-as-a-service offerings. Amazon also supplies cloud services to other agencies that are part of the U.S. intelligence community, according to the company's website.

In November 2020, the CIA awarded its Commercial Cloud Enterprise contract to AWS, Microsoft, Google, Oracle and IBM to supply cloud and other services to the intelligence community. The contract could be worth "tens of billions" of dollars over the next 10 years, according to Data Center Dynamics.


About the Author

Scott Ferguson

Scott Ferguson

Former Managing Editor, GovInfoSecurity, ISMG

Ferguson was the managing editor for the GovInfoSecurity.com media website at Information Security Media Group. Before joining ISMG, he was editor-in-chief at eWEEK and director of audience development for InformationWeek. He's also written and edited for Light Reading, Security Now, Enterprise Cloud News, TU-Automotive, Dice Insights and DevOps.com.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.