An attacker uses a brute-force attack to discover a valid username/password combination for GitHub.
Response Classification: Mitigate
- Require 2FA on All Accounts
- MFA through GitHub credentials and UCSB SSO.
- Probability: this has already occurred at UCD, and it has been publicly reported in the wild.
- Loss scenario: repository deleted.
- Loss scenario: repository updated with malicious code. If the repository is tied to an automated deployment pipeline, there is a chance of the code being deployed to production before it is detected. (I really need to find a percentage likelihood of this.)
With UCSB's SSO integrated into the login, there is an implicit MFA built into the system. However, there is strong consideration to also require 2FA on all GitHub accounts that want to be linked to the UCSB organization: SSO gates access to the organization's resources, but the underlying GitHub account is still protected only by its password, and a brute-forced password still gives an attacker the account's non-organization repositories and anything not behind SSO.
Loss of credentials through accidental check-in to a public repository.
Response Classification:
- Scan source control before check-in (e.g. git-secrets).
(Question) Would there be a case where both GitHub credentials and UCSB credentials are in source control? (Then again, why would either be in source control?)
Loss of credentials that would give an attacker access to the GitHub API, through accidental check-in to a public repository.
Response Classification:
- Scan source control before check-in (e.g. git-secrets).
- Probability: it was not GitHub API credential loss, but this has already happened at UCSB.
- When possible, use read-only, repository-scoped credentials (e.g. GitHub deploy keys, which are read-only unless write access is explicitly granted) instead of personal access tokens, so a leaked key cannot push or delete.
- Loss scenario: repository deleted.
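One way to implement the "scan source control before check-in" control from the two credential-loss scenarios above is a git pre-commit hook. The script below is an added example for this page; it is not git-secrets and not code from the project. The GitHub token prefixes it looks for (ghp_, gho_, ghu_, ghs_, ghr_, github_pat_) are GitHub's documented formats; the generic password/secret pattern and the sample lines are constructed for illustration and contain no real credentials.

```shell
#!/bin/sh
# Added example (not from the page, not git-secrets): a minimal pre-commit
# secret scanner. Install by copying to .git/hooks/pre-commit and making it
# executable; it then rejects commits whose staged additions match a pattern.

# Patterns (an assumption for this example):
#  - classic GitHub tokens: gh{p,o,u,s,r}_ followed by 36 alphanumerics
#  - fine-grained GitHub tokens: github_pat_ followed by a long identifier
#  - PEM private key headers
#  - a quoted literal (8+ chars) assigned to a password/passwd/secret/token key
SECRET_PATTERNS="gh[pousr]_[A-Za-z0-9]{36}|github_pat_[A-Za-z0-9_]{22,}|-----BEGIN [A-Z ]*PRIVATE KEY-----|(password|passwd|secret|token)[[:space:]]*[:=][[:space:]]*[\"'][^\"']{8,}[\"']"

# scan_for_secrets: reads text on stdin, prints each matching line with its
# line number, returns 1 if anything matched and 0 if the input is clean.
scan_for_secrets() {
  if grep -E -n -i "$SECRET_PATTERNS"; then
    return 1
  fi
  return 0
}

# count_findings: prints the number of lines in "$1" that match a pattern.
count_findings() {
  printf '%s\n' "$1" | grep -E -i -c "$SECRET_PATTERNS" || true
}

# scan_staged: hook mode. Only added lines of the staged diff are checked,
# so untouched history and pure deletions never trigger the hook.
scan_staged() {
  git diff --cached --diff-filter=ACM -U0 \
    | grep -E '^\+' | grep -Ev '^\+\+\+' \
    | scan_for_secrets
}

# Constructed sample input (fake values, not real credentials).
SAMPLE_DIRTY='API_TOKEN = "ghp_0123456789abcdefghijklmnopqrstuvwxyz"
db_password: "hunter2hunter2"'
SAMPLE_CLEAN='GITHUB_TOKEN = os.environ["GITHUB_TOKEN"]
deploy_key_path = "/etc/deploy/id_ed25519"'

# When git invokes this file as .git/hooks/pre-commit, scan the index;
# when run by hand, demonstrate on the constructed samples instead.
case "$0" in
  */pre-commit)
    if ! scan_staged; then
      echo "pre-commit: possible credential in staged changes; commit rejected" >&2
      exit 1
    fi
    ;;
  *)
    printf '%s\n' "$SAMPLE_DIRTY" | scan_for_secrets || echo "dirty sample: blocked"
    printf '%s\n' "$SAMPLE_CLEAN" | scan_for_secrets && echo "clean sample: allowed"
    ;;
esac
```

The hook only inspects what is about to be committed, which is the cheap check; a tool such as git-secrets additionally scans existing history, and neither replaces revoking and rotating any credential that did reach a public repository, since clones and forks may already hold it.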
Loss Scenario | Recovery Plans / Ideas | Probability | Response Classification & Status | Decisions & Discussion Details |
---|---|---|---|---|
Repository Deleted: all repositories deleted; repositories could be completely wiped out. | | | | |
Repository Updated with Malicious Code: the repository's code could be updated with malicious code. If the repository is tied to an automated deployment pipeline, there is a chance of the code being deployed to production before it is detected. (I really need to find a percentage likelihood of this.) | | | | |