Connect with us

Hi, what are you looking for?

Tech & Science

Website provider GoDaddy suffers from a data breach (Includes interview)

With the case, reported by ZDNet, the person was able to access login credentials of SSH accounts used in GoDaddy’s hosting environment. The company discovered an “unauthorized individual” had gained access to login credentials that enabled them to “connect to SSH” on the affected hosting accounts. The security incident that took place on October 19, 2019, was discovered on April 23, 2020.

SSH stands for ‘Secure Shell’; it is used for remote connections to a computer. Using an SSH client, a user can connect to a server to transfer information in a more secure manner compared with some other methods. SSH provides multiple mechanisms for authenticating the server and the client. Two of the commonly used authentication mechanism are password based, and key based authentication. However, despite a strong security framework, SSH has some limitations, as the most recent data breach indicates.

GoDaddy has reported a full-year net income of $138.4 million on revenue of $2.99 billion. The firm had 19.3 million customers as of the end of 2019.

Commenting on the issue for Digital Journal, cybersecurity professional, James Carder, the CSO and VP of LogRhythm Labs says: “With this particular incident, there are unknowns such as whether sensitive files were exfiltrated from the accounts, and exactly how many accounts from GoDaddy’s hosting environment were compromised.”

Looking at the wider picture, Carder says: “It is easy to assume that GoDaddy, as the world’s largest domain registrar, would have proper security in place to prevent, detect, and respond to these types of threats. GoDaddy should have had stricter SSH security measures in place rather than just a simple username and password.”

Looking at what should be done in terms of future protection, Carder notes: “Strong SSH key management is critical in protecting internet accessible functions…fundamental controls for properly securing and managing SSH should have been implemented.”

With an SSH key in place, Carder points out: “It is important to ensure that SSH keys are associated with an individual user and are continuously rotated. The principle of least privilege should be utilised for the account authorised to SSH”. Furthermore, he recommends that “an organization should conduct thorough auditing and monitoring of all privileged sessions and key usage.”

This feeds into preventative measures for all businesses using this type of system, here Carder states: “If such controls were implemented, then the likelihood that GoDaddy would have suffered a breach, leveraging stolen or acquired username and passwords, would have been minimal. Of course, no incident is 100 percent preventable, yet, this particular breach reflects how GoDaddy overlooked simple security controls.”

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

Tech & Science

“Due to these drug resistance and cancer-promoting effects, it is important to study how the glucocorticoid receptor functions

Entertainment

Netflix on Wednesday released a sneak peek of its TV series adaptation of Gabriel Garcia Marquez's "One Hundred Years of Solitude."

World

A police officer lifts tape to let a car into the Christ the Good Shepherd Church in western Sydney, scene of a live-streamed stabbing...

Business

Jerome Powell's indication that the battle against inflation could take longer than expected weighed on hopes for interest rate cuts this year - Copyright...