GoDaddy Hack Breaches Hosting Account Credentials
The domain registrar giant said that the breach started in October 2019.
According to Timothy Chiu, Vice President of Marketing, K2 Cyber Security:
“Companies continue to get breached with traditional security tools like Web Application Firewalls and Endpoint protection, an indication that we need better security tools. Traditional methods that typically rely on indicators from past attacks just aren’t working. Even NIST realized this – for the first time, they updated their standard to include Runtime Application Self-Protection (RASP) as a requirement for web security.
As a protection mechanism, WAF sits on the perimeter, so if that’s all the protection GoDaddy or any other organization is using, then if the attackers did get malware on the servers or manipulated files on the servers, it’s much harder to detect. Security needs to be close to the application and reside on the servers to detect changes in real time, so that we find breaches faster, and we can determine if there’s an issue on the server itself (east-west traffic analysis vs. north-south – looking at traffic on the servers, versus looking at traffic to and from the internet).”