No Slack In The System

Hybrid working has made internal comms channels and collaboration tools necessary for most businesses, with Enterprise Instant Messaging (IM) services such as Microsoft Teams and Slack becoming increasingly ubiquitous.

Slack, with an estimated 20m daily users, has become the platform of choice for many of the world’s most prominent organisations, including IBM, Amazon, PayPal and Airbnb. And it is clear why: enabling communication and collaboration between team members, no matter where they are, answers many of the needs of today’s hybrid workforce.

However, while giving with one hand, corporate IM services, like Slack, are taking with the other. As well as opening up communication, they are also proving to be a new cyber attack vector that cybercriminals are using to devastating effect. 

Last year, EA Games was the victim of a high-profile cyber attack in which Slack played an integral role. Having gained access to EA’s internal Slack channel, the hacker could pose as an employee to request login information for sensitive files or send files with embedded malware to enable lateral movement and escalation of privileges. Similarly, Uber recently warned employees to stay off Slack after a criminal infiltration in which phishing methods were used to persuade an employee to hand over login details. According to EY, 40% of organisations have reported a cyber intrusion directed at their remote work environments.

Hackers will use any method and any channel to target companies, with comms channels ripe for breaching company defences. However, the answer is not to give up on tools like Slack. It is about reducing exposure to risk while still offering effective connectivity.

A Hybrid Risk Requires Holistic Protection

The post-pandemic boom in hybrid and remote working models has changed the world of work - in many ways, for the better. According to Future Forum research, those working in these models are 52% more likely to say that their company’s culture has improved over the last two years, 11% reported greater work-life balance, 25% less stress, and 6% higher productivity.

There are also risks associated with this shift, with data privacy challenges, increased risk of cyberattacks, limited defense and response capabilities and compliance violations the top concerns.

There is no one solution to these concerns. Instead, organisations must take a holistic approach to hybrid workplace cybersecurity. As always, it takes a combination of people, processes, and technology to keep the doors closed. Here we explore what this looks like in practice. 

Encompassing Employee Engagement: When employees are dispersed, it is even more crucial that each and every one of them understands and acts on their responsibilities to minimise cyber risk. The headline-grabbing attacks on EA and Uber may have been avoided had employees spotted the signs of phishing. While many companies have educated employees on the risks of opening email attachments and on verifying the identity of a sender, there has been less focus on communicating that those same risks can rear their heads on IM channels, like Slack. When introducing any new platform, users must be educated on the types of risks that could present themselves.

As the Chief Information Security Officer at Softbank recently told KPMG, “Since human error can be considered one of the greatest vulnerabilities in security it’s crucial to eliminate this threat by educating employees and helping them become better digital citizens at work and at home.”

Similarly, employees using their own devices on private networks can throw up numerous issues. Remote access with multi-factor authentication secures data on the move and in the office with encryption, ensuring that data can only be accessed by authorised users. Using end users’ mobile devices as their mobile token then acts as a second layer of authentication.

Fully Stacked Security Tools Without The Stress: There is a massive range of tools and technologies available to combat cyberattacks, and in the hybrid working environment, it is essential to harness a multi-layered approach. Standard tools such as anti-virus, anti-malware, and anti-spam should now be a given.

However, other key technologies to consider include data leakage prevention (DLP), which ensures users don’t send sensitive or critical information outside the network by using pattern-matching techniques that detect and prevent sensitive information and files from passing through the network perimeter. Advanced Threat Protection (ATP) protects against zero-day and other sophisticated targeted attacks. This sandbox protection detects, analyses and evades advanced attacks designed to bypass traditional defences (targeting specific people or functions).
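The pattern-matching idea behind DLP, applied to outbound chat messages. This is an added example, not code from the article or from any vendor product; the rule names, regular expressions and sample messages are assumptions constructed for illustration. It pairs a regex with a Luhn checksum so that digit runs which only resemble card numbers are not blocked.

```python
import re

# Candidate card numbers: 13-19 digits, optionally separated by spaces or hyphens.
CARD_RE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")
# Credential-style assignments such as "password: x" or "api_key=x" (assumed rule).
SECRET_RE = re.compile(r"(?i)\b(password|passwd|api[_-]?key|secret|token)\b\s*[:=]\s*\S+")


def luhn_ok(digits: str) -> bool:
    """Luhn checksum: rejects digit runs that merely look like card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch) * (2 if i % 2 else 1)
        total += d - 9 if d > 9 else d
    return total % 10 == 0


def scan_message(text: str) -> list[str]:
    """Return the names of the DLP rules that an outbound message triggers."""
    hits = []
    if any(luhn_ok(re.sub(r"[ -]", "", m.group())) for m in CARD_RE.finditer(text)):
        hits.append("payment_card")
    if SECRET_RE.search(text):
        hits.append("credential")
    return hits


def filter_outbound(messages):
    """Split messages into (allowed, blocked); each entry is (message, rule hits)."""
    allowed, blocked = [], []
    for msg in messages:
        hits = scan_message(msg)
        (blocked if hits else allowed).append((msg, hits))
    return allowed, blocked


# Constructed sample chat messages; 4111 1111 1111 1111 is a standard test card number.
SAMPLE = [
    "Can you share the Q3 deck before standup?",
    "Customer card is 4111 1111 1111 1111, please refund",
    "Order ref 1234 5678 9012 3456 shipped",      # 16 digits but fails Luhn
    "vpn password: Winter2024! (don't tell IT)",
]

if __name__ == "__main__":
    for msg, hits in filter_outbound(SAMPLE)[1]:
        print(hits, "->", msg)
```

The order reference passes through because it fails the checksum, which is the kind of false-positive control that keeps a DLP rule usable on a busy IM channel.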

Alongside this, the use of firewalls, site-to-site encryption, intrusion detection and prevention and proxy blocking all play a part in minimising hybrid risk. Increasingly, AI and machine learning also play a key role in detecting rogue behaviour, with advancements moving forward at a breakneck pace.

Hope For Hybrid Security

For many organisations, managing this encompassing suite of developing technologies proves a burdensome task. Instead, many are turning to real-time and constantly updated managed security services which sit between enterprise networks and the internet. Protecting from external threats and intellectual property leaks, such managed services provide secure remote access to employees wherever they work.

The recent Slack hack cases show, again, that hackers will use any means and any channel to achieve their goals. As new digital tools become business-critical, more doors will open. By adopting an in-depth, multi-layered approach to security, it is possible to predict, detect, alert and respond to any threats, including those that have yet to emerge.

 David Nelson is Cybersecurity Product Lead at Maintel 
