Is GitHub a New Wild, Wild West for Cybercriminals?

4

JULY 2019

By: Orhan Yildirim

For millions of software and systems developers around the world, GitHub is THE hub for accessing, sharing and otherwise collaborating with other developers to build new digital products and services.

GitHub is an American company that provides hosting for software development version control using Git. It is a subsidiary of Microsoft, which acquired the company in 2018 for $7.5 billion.

It offers all of the distributed version control and source code management (SCM) functionality of Git as well as adding its own features and provides access control and several collaboration features including bug tracking, feature requests, task management, and wikis for every project.

Free GitHub accounts are commonly used to host open-source projects, and as of May 2019, reports having over 37 million users and more than 100 million repositories, including at least 28 million public repositories, making it the largest host of source code in the world.

On February 28, 2018, GitHub was the target of the largest distributed denial-of-service (DDoS) attack in history.

Earlier this year, researchers at North Carolina State University recently discovered many thousands of leaked secrets and credentials.

Researchers Michael Meli, Matthew McNeice and Bradley Reaves scanned billions of GitHub files as part of an academic study that found that over 100,000 of the service’s code repositories contain exposed authentication secrets, such as cryptographic keys and API tokens, and thousands more repositories which are leaking new, unique secrets every day.

Researchers scanned nearly 13% of GitHub’s public repositories to collect this information.

In their scan, the researchers found 85,311 unique Google API keys, 37,781 unique RSA Private Keys and 47,814 unique Google OAuth IDs. The researchers also estimated that of the secrets enabled access to sensitive systems or data and their exposure caused real risk.

While the researchers didn’t release the names of specific organizations impacted, they did say that large, prominent enterprises were at risk. This included AWS credentials for a site used by millions of college applicants in the U.S. and AWS secrets for a major government agency in a Western European country.

As more and more digital transformation is driving more development and sharing on GitHub and other developer communities, companies like Microsoft, which owns and is now accountable for securing GitHub, can significantly improve the security of data, databases, and the networks that connect developers with their applications and data using Privileged Access Management, multi-factor authentication and other increasingly sophisticated means using security software build for the cloud.

To learn more about Ironsphere’s cloud security solutions, download our solution brief.

Similar Blogs

Five Best Practices for Modern Security Governance

Five Best Practices for Modern Security Governance

Corporate information security governance is a foundation upon which organizations can build an increasingly significant part of their overall risk management platform. The foundation of a successful security governance program begins with strong upper-level management support, including the CEO, Chairman and Board Members.

read more