GoDaddy is Just One of the Dominoes That Doesn't Have to Fall

The GoDaddy customer breaches didn’t have to happen and don’t have to happen to you. 

Cisco threat researchers recently reported a dramatic uptick in Angler Exploit Kit-based attacks connected to compromised GoDaddy domain registry accounts.

GoDaddy, which manages nearly a third of all global domain names used on the Internet, has issued media statements clarifying that it was not breached. It was its customers who allowed their login credentials to be stolen and used to create malicious subdomains, the company explained, accurately stating this is an industry problem for cloud-based service providers.

GoDaddy is telling it like it is. Cloud security is the responsibility of the enterprise. Cloud-based applications and services don’t have the security tools necessary to enforce security policies. Many enterprises place mission critical infrastructure services like GoDaddy domain registration, sensitive data and applications on the cloud. They need a secure cloud gateway to protect their corporate assets housed there.

Organizations that utilize GoDaddy and other domain registration services are at risk of having their domains hijacked by hackers using domain shadowing.

Just like a firewall sits between the corporate user and the Internet, a secure cloud gateway sits between cloud apps/services and the corporate user. A Cloud Application Security (News - Alert) Broker (CASB) can enable an enterprise to responsibly and securely leverage cloud applications like GoDaddy, GitHub, ADP, Google Apps, NetSuite (News - Alert), Office 365, Salesforce, TribeHR, Workday and others, as well as customized and homegrown apps built on Amazon Web Services, Azure or Force.com.

CASBs deliver cloud application security solutions that provide discovery, threat prevention, compliance and auditing tools. Some focus on the proactive protection of cloud applications and services, like secure cloud gateway technologies. A secure cloud gateway can prevent breaches from happening and thus reduce the risk landscape. After the risks and threats are mitigated, other security tools like discovery and analysis can be used for adaptive learning.

If the enterprises using GoDaddy, or any other IaaS solution, had a secure cloud gateway in place, they could benefit from a full suite of security tools, including:

1. Comprehensive protection from phishing, malware and social engineering
2. Multiple users with custom roles acting under the single IaaS privileged user account
3. Definition and enforcement of security controls for authentication and authorization
4. Enhancement of security controls by adding context; device, OS, IP, location and more 
5. Elimination of out-of-bound access
6. Granular auditing and behavioral analysis of any and all activity within the protected IaaS solution

The hacking of GoDaddy accounts is the tip of the iceberg. Currently, all cloud infrastructure—domain registration, hosting, ID management and the list goes on—is poorly secured. The enterprise needs to take control of the security of its corporate assets on the cloud. They represent the organization’s critical infrastructure. A secure cloud gateway can do this for GoDaddy or any DNS registry service, as well as other mission critical applications and services.

About the Author: Yair Grindlinger is co-founder and CEO of FireLayers