The Comodo Breach and the Dangers of Shared Accounts

Thinking of using shared accounts? Just don't.

by Inbal Voitiz · Sep. 19, 19 · Opinion


Recently, security researcher Jelle Ursem discovered a concerning data breach at Comodo, a cybersecurity company responsible for endpoint detection and response.

Although no customer certificate private keys were exposed, confidential sales documents, Comodo team data (including names, contact info, photos, and personal calendars), and customer contracts were available to the public. 


What Happened?

Comodo used one account for its Microsoft cloud services, meaning that a single set of credentials was shared between multiple employees. The Microsoft account also lacked multi-factor authentication, meaning that any employee (or hacker) with the right credentials could retrieve Comodo’s confidential internal documents without further verifying their identity.

A software developer at Comodo with access to the shared account inadvertently uploaded the credentials to a public GitHub repository, exposing Comodo to third-party actors.

Why Share an Account in the First Place?

It is expensive, time-consuming, and exhausting to create separate accounts for each employee who needs to access a company’s shared resources. Storing the resources in one shared account provides a quick and easy, albeit unsafe, solution.

Despite their convenience, shared accounts pose an immense security risk. Sharing login information among a large group of employees is antithetical to secrecy, which lies at the heart of security and authentication. At least one person in a large network of employees will almost inevitably fall victim to phishing, social engineering, man-in-the-middle (MitM), or a similar common attack, jeopardizing the entire system. Furthermore, shared credentials cannot be monitored; it is impossible to know how many current and former employees, family members, or friends have access.

Shared accounts also lack accountability. During login, each employee is recognized by the system as the same user, meaning that use (and abuse) of the account’s resources cannot be definitively traced to an individual. 

Multi-factor authentication (MFA) is the “new” standard in identity and access management. It requires an out-of-band (OOB) channel that can be associated with only a single user, which makes MFA a unique challenge for shared accounts.

Comodo is not unique; many enterprises use shared accounts. What can companies do to improve their security?

The Solution to Shared Accounts 

Privileged Access Management (PAM) solutions lock shared credentials into a repository that can only be accessed by authenticated employee accounts. Once the credentials are used, they are changed or “reset” for the next employee. Although PAM solutions solve the challenge of shared accounts, they are expensive systems to implement, costing about $80 to $300 per machine.
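
The check-out and reset cycle described above, sketched as an added example (not code from the article or from any PAM product). The class, account, and user names are hypothetical, and the target system's password check is simulated in-process; the sketch also shows how a vault restores the per-user accountability that a shared login lacks.

```python
import secrets
from datetime import datetime, timezone

class SharedCredentialVault:
    """Toy PAM-style vault: one shared account, many named users (hypothetical design)."""

    def __init__(self, account, authorized_users):
        self.account = account
        self.authorized = set(authorized_users)
        self._password = secrets.token_urlsafe(24)  # only released through check_out()
        self.holder = None      # the named user who currently holds the credential
        self.audit_log = []     # (timestamp, user, event) tuples

    def _log(self, user, event):
        self.audit_log.append((datetime.now(timezone.utc).isoformat(), user, event))

    def check_out(self, user):
        """Release the shared password to one authenticated, authorized user."""
        if user not in self.authorized:
            self._log(user, "DENIED")
            raise PermissionError(f"{user} may not use {self.account}")
        if self.holder is not None:
            raise RuntimeError(f"{self.account} is checked out by {self.holder}")
        self.holder = user
        self._log(user, "CHECK_OUT")
        return self._password

    def check_in(self, user):
        """Return the credential and rotate it so the old value stops working."""
        if user != self.holder:
            raise RuntimeError(f"{user} does not hold {self.account}")
        self.holder = None
        # A real PAM would also push the new password to the target system here.
        self._password = secrets.token_urlsafe(24)
        self._log(user, "CHECK_IN_ROTATED")

    def is_valid(self, candidate):
        """Stand-in for the target system's password check."""
        return secrets.compare_digest(candidate, self._password)

def demo():
    # Constructed sample data: the account and user names are made up.
    vault = SharedCredentialVault("cloud-admin@example.com", {"alice", "bob"})
    first = vault.check_out("alice")
    vault.check_in("alice")
    second = vault.check_out("bob")
    events = [(user, event) for _, user, event in vault.audit_log]
    return vault.is_valid(first), vault.is_valid(second), events
```

A password that leaks after check-in, for example in a commit to a public repository, is already invalid, and every use of the shared account maps to a named user in the audit log.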

Learning From Comodo’s Mistake

Comodo is a self-proclaimed “global leader in cybersecurity solutions,” yet its recent breach is indicative of extreme carelessness and oversight. In order to protect their customers, businesses, especially high-stakes cybersecurity companies like Comodo, need to approach their security more thoughtfully. Hopefully, Comodo will learn from its mistakes and will lead by example as we transition to a world increasingly reliant on secure data and safe Internet usage.

