FOLLOWING A SLEW OF RECENT ATTACKS TARGETING GITHUB, GITLAB, AND BITBUCKET USERS, WE IN THE SOFTWARE COMMUNITY ARE REMINDED OF THE IMPORTANCE OF CYBERSECURITY.
After recent attacks, many of us in the software industry are reminded of the importance of cybersecurity.
According to reports, hackers wiped code and commits from multiple repositories leaving nothing but ransom notes behind.
Victims of the attacks reached out to Atlassian who commented:
“Within the past few hours, we detected and blocked an attempt from a suspicious IP address to log in with your Atlassian account. We believe that someone used a list of login details stolen from third-party services in an attempt to access multiple accounts.”
After infiltrating the victims’ repo and wiping all commit history, attackers left behind a single commit titled ‘WARNING’ which contained a file (the ransom note).
The ransom demanded victims send a 0.1 BTC (equivalent to around $568), to retrieve the stolen data.
“To recover your lost code and avoid leaking it: Send us 0.1 Bitcoin (BTC) to our Bitcoin address 1ES14c7qLb5CYhLMUekctxLgc1FV2Ti9DA and contact us by Email at firstname.lastname@example.org with your Git login and a Proof of Payment. If you are unsure if we have your data, contact us and we will send you a proof. Your code is downloaded and backed up on our servers. If we don’t receive your payment in the next 10 Days, we will make your code public or use them otherwise.”
At the time of the incident, one report stated that GitHub had been suspending accounts and investigating attacks.
THE IMPORTANCE OF SECURITY
Our partner Checkmarx is responsible for securing code from the outset.
The Checkmarx Software Exposure Platform builds security in at the very start of the SDLC and works to continuously support all stages of the DevOps cycle. Managing Software Exposure is an emerging discipline for eliminating all software-related vulnerabilities to accurately understand and reduce business risk.
Checkmarx Application Security Testing tools are reshaping DevOps by empowering organisations to deliver secure software faster.
Named by Gartner as a Leader in Magic Quadrant for Application Security Testing solutions, it’s no surprise we partnered with Checkmarx.
Clearvision takes the security of customers very seriously.
Our Cloud solution ClearHost offers enhanced security and backup. Web, application and data tiers separated by firewalls mean double firewall protection of data, while full nightly backups with a 30 day retention period are provided as standard. In the unlikely event of a disaster, our support team will bring you back online.
Contact us for more information on how we can support your Atlassian tools and more.
Don’t risk the safety of your mission-critical Atlassian apps.