The Hidden Risks of GitHub Connections

How to reduce supplier risk

Reduce supplier risks by assessing digital security in your supply chain and identifying weak links. Work with various departments to create a comprehensive supplier list and then use a cyber ratings tool to quickly identify and address risks

Advantages of extending NIS2 compliance to your supply chain

For NIS2 companies, ensuring supply chain compliance brings multiple benefits, including risk reduction, operational continuity, regulatory compliance, and enhanced security. Partnering with compliant suppliers enables effective cybersecurity management, regulatory adherence, and protection of operations and reputation.

Why sustainability auditing is important for entrepreneurs and how to implement it

Read on to discover why sustainability auditing is important to business owners and the risks they face if they fail to meet sustainability standards in the supply chain. Also discover the benefits of sustainability controls and how business owners can implement them. Learn from successful companies that have implemented sustainability controls and invest in a resilient, sustainable supply chain that will protect and grow your business.

Digital sovereignty: a necessity for entrepreneurs in the Netherlands

Digital sovereignty is a hot topic that is receiving increasing attention. As dependence on digital systems increases, so do the risks of digital threats. Digital sovereignty includes control over digital infrastructure and data, as well as the ability to steer technological development and set norms and values. In this blog, you can read more about the importance of digital sovereignty, initiatives from the European Commission, and what entrepreneurs can do to increase their digital sovereignty.

The hidden risks of GitHub Connections

attack surface data breach github

Hackers are increasingly using insecure connections between GitHub and third parties, such as API keys and access tokens, to infiltrate organizations and steal data. This can lead to supply chain dependencies and other security risks. Organizations need to secure these connections as carefully as they would usernames and passwords. This is especially true in the wake of the recent CircleCI breach, in which customer data and encryption keys were stolen.

As a result of the COVID-19 pandemic, many organizations are working with a greater number of remote and third-party collaborators. As a result, there are more connections between systems, applications, and workflows, including connections to and storage of software in GitHub. Securing these connections is critical to avoid vendor lock-in. In recent years, we have seen hackers exploit these connections to gain access to corporate data. For example, the recent CircleCI breach, in which customer data and encryption keys were stolen, is a warning to companies to improve the security of their GitHub connections.

An important aspect to consider is that these connections are not only made to external parties, but also within the organization itself. For example, a developer may create a token to test a new solution, but later fail to revoke it (so-called "set and forget" tokens). This creates connections that are no longer in use but remain open, leaving the organization vulnerable to attack. It is therefore important that organizations are aware of the risks of these connections and monitor and remediate them on a regular basis. Lack of monitoring can also result in permissions being granted to former users or employees who have since left the organization, potentially granting unauthorized access to anyone who finds the connection. For example, the Slack breach showed how criminals gained access to externally hosted Slack GitHub repositories.

Summary

Supply chain dependencies are a growing concern for organizations, especially when it comes to connections to GitHub and third parties. It is important that organizations are aware of these risks and actively take steps to secure their external connections - think API keys, OAuth tokens and other connections - as rigorously as they protect their passwords. This can be done by implementing multi-factor authentication, new stronger access tokens, and continuous monitoring of external connections and services. By taking these steps, companies can reduce the risk of vendor lock-in and protect their organizations from attack.

Source: securityboulevard.com

Published by RiskStudio

Mar 9, 2023