No Slack In The System

Hybrid working has made internal comms channels and collaboration tools necessary for most businesses, with Enterprise Instant Messaging (IM) services such as Microsoft Teams and Slack becoming increasingly ubiquitous.

Slack, with an estimated 20m daily users, has become the platform of choice for many of the world’s most prominent organisations, including IBM, Amazon, PayPal and Airbnb. And it is clear why - enabling communication and collaboration between team members, no matter where they are, answers many of the needs of today’s hybrid workforce

However, while giving with one hand, corporate IM services, like Slack, are taking with the other. As well as opening up communication, they are also proving to be a new cyber attack vector that cybercriminals are using to devastating effect. 

Last year, EA Games was the victim of a high-profile cyber attack in which Slack played an integral role. Gaining access to EA’s internal Slack channel, the hacker could pose as an employee to request login information for sensitive files or send files with embedded malware to enable lateral movement and escalation of privileges. Similarly, Uber recently warned employees to stay off Slack after a similar criminal infiltration using phishing methods to persuade an employee to hand over login details. According to EY, 40% of organisations have reported a cyber intrusion directed at their remote work environments. 

Hackers will use any method and any channel to target companies, with comms channels ripe for breaching company defences. However, the answer is not to give up on tools like Slack. It is about reducing exposure to risk while still offering effective connectivity.

A Hybrid Risk Requires Holistic Protection

The post-pandemic boom in hybrid and remote working models has changed the world of work - in many ways, for the better. According to Future Forum research, those working in these models are 52% more likely to say that their company’s culture has improved over the last two years, 11% reported greater work-life balance, 25% less stress, and 6% higher productivity.

There are also risks associated with this shift, with data privacy challenges, increased risk of cyberattacks, limited defense and response capabilities and compliance violations the top concerns,

There is no one solution to these concerns. Instead, organisations must take a holistic approach to hybrid workplace cybersecurity. As always, it takes a combination of people, processes, and technology to keep the doors closed. Here we explore what this looks like in practice. 

Encompassing Employee Engagement:   When employees are dispersed, it is even more crucial that each and every one of them understands and acts on their responsibilities to minimise cyber risk. The headline-grabbing attacks on EA and Uber may have been avoided had employees spotted the signs of phishing. Just as many companies have educated employees on the risks of opening email attachments or verifying the identity of a sender, there has been less focus on communicating those same risks can rear their heads on IM channels, like Slack. When introducing any new platform users must be educated on the types of risks that could present themselves. 

As the Chief Information Security Officer at Softbank recently told KPMG, “Since human error can be considered one of the greatest vulnerabilities in security it’s crucial to eliminate this threat by educating employees and helping them become better digital citizens at work and at home.”

Similarly, employees using their own devices on private networks can throw up numerous issues. Remote access with multi-factor authentication secures data on the move and in the office with encryption, ensuring that data can only be accessed by authorised users. Using end users’ mobile devices as their mobile token then acts as a second layer of authentication.

Fully stacked Security Tools Without The Stress:   There is a massive range of tools and technologies available to combat cyberattacks, and in the hybrid working environment, it is essential to harness a multi-layered approach. Encompassing standard tools such as anti-virus, anti-malware, and anti-spam should now be a given. 

However, other key technologies to consider include data leakage prevention (DLP) to ensure users don’t send sensitive or critical information outside the network with pattern-matching techniques that detect and prevent sensitive information and files from passing through the network perimeter. Advanced Threat Protection (ATP) protects against zero-day and other sophisticated targeted attacks. This sandbox protection detects, analyses and evades advanced attacks designed to bypass traditional defences (targeting specific people or functions).

Alongside this, the use of firewalls, site-to-site encryption, intrusion detection and prevention and proxy blocking all play a part in minimising hybrid risk. Increasingly, AI and machine learning also play a key role in detecting rogue behaviour, with advancements moving forward at a breakneck pace.

Hope For Hybrid Security

For many organisations managing this encompassing suite of developing technologies proves a burdensome task. Instead, many are turning to real-time and constantly updated managed security services which sit between enterprise networks and the internet. Protecting from external threats and intellectual property leaks, such managed services provide secure remote access to employees wherever they work. 

The recent Slack hack cases show, again, that hackers will use any means and any channel to achieve their goals. As new digital tools become business-critical, more doors will open. By adopting an in-depth, multi-layered approach to security, it is possible to predict, detect, alert and respond to any threats, including those that have yet to emerge.

 David Nelson is Cybersecurity Product Lead at Maintel 

You Might Also Read: 

Microsoft Teams Is Vulnerable To GIFShell Attacks:

 

« EU Parliament Website Knocked Offline
Defending Against North Korea's Cyber Threats »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Egerie

Egerie

EGERIE's RiskManager solution provides a Global, Centralized, and Updated view of risk maps and security measures for your company.

Digitronic Computersysteme

Digitronic Computersysteme

Digitronic focus on innovative software to protect your personal and sensitive corporate data.

PKWARE

PKWARE

PKWARE is a global leader in business data security, providing encryption and compression solutions to enterprise customers and government entities around the world.

Zix

Zix

Zix offers secure email encryption, threat protection, archiving, DLP and BYOD security for hospitals, financial services, government, and more.

Cybersecurity Innovation Hub

Cybersecurity Innovation Hub

The main objective of the Hub is to bring cybersecurity and other advanced technologies closer to companies and as a result help to increase their performance as Industry 4.0.

Worldline

Worldline

Worldline IIoT solutions allow industrial companies to start their digital transformation journey with industrial level cyber security standards (IEC 62443 ready).

IT Jobs Watch

IT Jobs Watch

IT Jobs Watch provides a concise and accurate map of the prevailing IT job market conditions in the UK.

Neudomains

Neudomains

Neudomains is a Corporate Domain Name Management and Brand Protection Online Specialist. One of the world's top providers of online brand protection and enforcement.

Resistant AI

Resistant AI

Resistant AI protects against evolving online fraud. We connect the dots to provide a new layer of trust and performance for our clients’ systems.

SharkStriker

SharkStriker

SharkStriker is a US based managed security services provider with SOCs and offices across the globe.

Evanssion

Evanssion

Evanssion is a value added distributor specialized in Cloud Native & Cyber Security across Middle East & Africa.

Archon Secure

Archon Secure

Archon GoSilent Cube delivers a CSfC-certified, plug-and-play security solution for classified and unclassified communication when using the public Internet.

TRM Labs

TRM Labs

TRM enables risk management and compliance for a global community of financial institutions, cryptocurrency businesses and government agencies.

CMIT Solutions

CMIT Solutions

CMIT Solutions is a recognized leader in Managed IT Services for businesses. We empower businesses like yours by providing innovative technology solutions, managed IT services and cybersecurity.

Cyber Security Global

Cyber Security Global

Cyber Security Global is a leader in electronic security, consultancy, technology, cybersecurity solutions, training, and specialized products.

Tracer

Tracer

Tracer (formerly Appdetex) is a next-generation brand protection solution. It constantly finds, analyzes, and stops brand abuse across Web2 and Web3 digital channels.