GoDaddy is an entrepreneurial empowerment firm specializing in domain name management. With more than 20 million websites hosted on their servers, they are the largest domain registrar in the world.
You would expect a firm the size of GoDaddy – especially with their IT expertise – to successfully secure their network against the threat of cybercriminals.
Yet the US firm is the most recent international firm to fall victim to a phishing attack. The data of 1.2 million users who signed up for the company’s WordPress hosting service were exposed.
So what did we learn from this latest hacking bombshell?
What we know about the Breach
GoDaddy first discovered their systems had been breached on 17th November when they came across suspicious access in their hosting systems.
It turned out the hackers accessed their systems by using a password that had been compromised in a phishing attack. Over 90% of data breaches are due to human error such as clicking on a malicious link in an email.
Having acquired the password, the hackers stole the email addresses of 1.2 million Managed WordPress customers. The situation was more severe for active customers, who had their SSL private keys exposed as well.
GoDaddy has created new ones for these customers, but the hackers had full access to customers’ accounts for a short period.
How is GoDaddy Responding to the Attack?
GoDaddy has a poor reputation for dealing with cyberattacks. The 2024 breach is the fifth time the company has fallen foul of hackers since 2018. We can only assume that previous strategy responses were inadequate.
Chief Information Security Officer Demetrius Comes has promised to introduce additional security measures in the wake of the latest breach. He said, “we will learn from this incident and are already taking steps to strengthen our provisioning system with additional layers of protection.”
Precisely what these additional measures entail is unclear, but GoDaddy’s stock price has recovered to its pre-attack level of around $73. This may suggest a degree of confidence that GoDaddy has taken the necessary steps to reduce the risks of future attacks.
What must we learn from the GoDaddy Attack?
The GoDaddy attack is not an isolated incident. Instead, it is part of a pattern of escalating phishing attacks aided by AI technology. They remain the most common form of data breach attacks, making up an overwhelming 83% of attacks on businesses and 79% on charities.
These attacks show no signs of disappearing, and it is up to all businesses to defend themselves against phishing attacks. They must learn from GoDaddy’s mistakes and go further than simply relying on staff to spot suspicious emails.
The National Cyber Security Centre recommends a four-layered approach. They begin with stopping attacks from reaching your staff by leveraging anti-spoofing software to prevent your employees’ emails from falling into attacks hands.
Micro Pro, a leading IT Security and outsourced management provider based in London also recommend a well-defined installing proven technologies and an incident response plan so that your team knows how to spot and mitigate successful phishing attacks.
Following the guidance of IT experts makes it more challenging for malicious actors to successfully execute phishing attacks. We need to act now.