Website hosting provider GoDaddy released statements revealing that they were under attack by cyber criminals. These unauthorised third parties hacked into GoDaddy’s cPanel shared hosting servers, installing malware that caused intermittent redirection of customer websites. This was apparently a multi-year attack.
GoDaddy has involved multiple law enforcement agencies in their attempt to remediate the issue and prevent future cyber breaches. Law enforcement recognised that this crime was carried out by a criminal group who aim to infect websites and servers through activities including malware distribution and phishing campaigns.
The organisation is actively monitoring and working to block future cyber threats, as laid out in their 10-K filing with the U.S Security and Exchange Commission (SEC). However, the data of over 1.2 million customers who host their websites on GoDaddy’s streamlined platform Managed WordPress remain threatened.
This recent attack is not the first time GoDaddy has been targeted by malicious actors. Previously, in late 2021, the Managed WordPress service experienced another similar attack. And on March 2020, GoDaddy revealed that 28000 log-in credentials including some employee accounts were compromised by cybercriminal activity.
Protecting your company’s information from cybercrime is crucial
If you host or have hosted your website through GoDaddy, it is vital that you undertake precautionary measures to protect your data from security breaches. Talk with your IT team, cyber security expert or web developers to consider proper action, and a thorough inspection of your company’s data. Further precautionary actions include:
- Changing login credentials and using more complicated passphrases
Instead of simple passwords, consider using passphrases, which are passwords that are a collection of multiple words more difficult for cyber criminals to solve. Passphrases should be unpredictable, at least 14 characters long, include numbers and various characters.
- Backing up and encrypting your data
Back up your data to an external drive or portable device and store them offsite for extra security. You may also choose to back up your data with a cloud storage solution that uses encryption, adding another level of data security for confidential information.
- Installing antivirus and spyware software on work devices
Installing security software on your computers, laptops, and mobile devices can help prevent infection from malware and viruses. Make sure to research the antivirus software that will best suit your business size and preferred features.
- Keep apps, plugins websites and devices up to date
If your website was constructed on WordPress, there’s a high possibility that it was built with numerous plugins that were developed by different companies which may increase your digital risk. Ensuring your company’s website, plugins, apps and devices are equipped with their latest security settings is a simple way to decrease your risk of cyber-attacks.
Cyber Insurance can help you protect your data
Security breaches in situations like this can be frightening and unexpected, but it is important not to panic. Along with ensuring you have the proper defences, Cyber Insurance can provide you with more protection, and a greater sense of safety.
Crucial Insurance brokers are award-winning, fully licensed specialists who aim to help you find the Cyber Insurance ideal for your situation. If you have any questions concerning your coverage, please don’t hesitate to Contact Us today or give us a call at 1300 400 707.
This article was written by Tony Venning,
Managing Director at Crucial Insurance and Risk Advisors.
For further information or comment please email info@crucialinsurance.com.au.
Important Disclaimer – Crucial Insurance and Risk Advisors Pty Ltd ABN 93 166 630 511. This article provides information rather than financial product or other advice. The content of this article, including any information contained on it, has been prepared without taking into account your objectives, financial situation or needs. You should consider the appropriateness of the information, taking these matters into account, before you act on any information. In particular, you should review the product disclosure statement for any product that the information relates to it before acquiring the product.
Information is current as at the date articles are written as specified within them but is subject to change. Crucial Insurance, its subsidiaries and its associates make no representation as to the accuracy or completeness of the information. All information is subject to copyright and may not be reproduced without the prior written consent of Crucial Insurance.