In 2007, domain registrar and web hosting company GoDaddy.com experienced a distributed denial-of-service (DDoS) attack against its core services that brought the site down for four hours.
“When you try to mitigate an attack like this, you don't care where it's coming from,” said Neil Warner, CISO of GoDaddy, a domain registrar and web-hosting provider. “I care about what it's going to do, so I can mitigate that. It took us a while to identify the server it was going to.”
During a talk Wednesday at the SC World Congress, moderated by Paul M. Barrett, assistant managing editor of BusinessWeek, Warner spoke about the data security efforts underway at GoDaddy, a company with 6.5 million customers, hosting several million websites and 32 million domain names.
“One of the biggest things is that I have support from the top,” Warner said of GoDaddy founder and CEO Bob Parsons.
Warner added that he has never had one of his security requests shot down by senior management.
Since GoDaddy hosts so many websites, it sees a number of zero-day threats and, as a result, works closely with its security vendors to get virus signatures for threats targeting websites hosted by the company. GoDaddy also finds itself sometimes hosting phishing sites, which the fraud abuse team works as quickly as possible to remove.
“That's a pretty good deterrent,” Warner said. “The bad people don't want to spend time making it if they know it's going to be brought down quickly.”
In addition, Warner said his company collaborates with law enforcement almost daily, usually related to subpoena requests.
The security team at GoDaddy visits industry vendor, government and other security websites daily and correlates the information to provide an overview of the threats targeting its sites. But the company also has another resource to identifying threats: its own customers.
“I consider my customers my intrusion detection systems, too,” Warner said.