No Slack In The System

Uploaded on 2022-11-30 in TECHNOLOGY--Resilience, FREE TO VIEW

Hybrid working has made internal comms channels and collaboration tools necessary for most businesses, with Enterprise Instant Messaging (IM) services such as Microsoft Teams and Slack becoming increasingly ubiquitous.

Slack, with an estimated 20m daily users, has become the platform of choice for many of the world’s most prominent organisations, including IBM, Amazon, PayPal and Airbnb. And it is clear why - enabling communication and collaboration between team members, no matter where they are, answers many of the needs of today’s hybrid workforce

However, while giving with one hand, corporate IM services, like Slack, are taking with the other. As well as opening up communication, they are also proving to be a new cyber attack vector that cybercriminals are using to devastating effect. 

Last year, EA Games was the victim of a high-profile cyber attack in which Slack played an integral role. Gaining access to EA’s internal Slack channel, the hacker could pose as an employee to request login information for sensitive files or send files with embedded malware to enable lateral movement and escalation of privileges. Similarly, Uber recently warned employees to stay off Slack after a similar criminal infiltration using phishing methods to persuade an employee to hand over login details. According to EY, 40% of organisations have reported a cyber intrusion directed at their remote work environments. 

Hackers will use any method and any channel to target companies, with comms channels ripe for breaching company defences. However, the answer is not to give up on tools like Slack. It is about reducing exposure to risk while still offering effective connectivity.

A Hybrid Risk Requires Holistic Protection

The post-pandemic boom in hybrid and remote working models has changed the world of work - in many ways, for the better. According to Future Forum research, those working in these models are 52% more likely to say that their company’s culture has improved over the last two years, 11% reported greater work-life balance, 25% less stress, and 6% higher productivity.

There are also risks associated with this shift, with data privacy challenges, increased risk of cyberattacks, limited defense and response capabilities and compliance violations the top concerns,

There is no one solution to these concerns. Instead, organisations must take a holistic approach to hybrid workplace cybersecurity. As always, it takes a combination of people, processes, and technology to keep the doors closed. Here we explore what this looks like in practice. 

Encompassing Employee Engagement:   When employees are dispersed, it is even more crucial that each and every one of them understands and acts on their responsibilities to minimise cyber risk. The headline-grabbing attacks on EA and Uber may have been avoided had employees spotted the signs of phishing. Just as many companies have educated employees on the risks of opening email attachments or verifying the identity of a sender, there has been less focus on communicating those same risks can rear their heads on IM channels, like Slack. When introducing any new platform users must be educated on the types of risks that could present themselves. 

As the Chief Information Security Officer at Softbank recently told KPMG, “Since human error can be considered one of the greatest vulnerabilities in security it’s crucial to eliminate this threat by educating employees and helping them become better digital citizens at work and at home.”

Similarly, employees using their own devices on private networks can throw up numerous issues. Remote access with multi-factor authentication secures data on the move and in the office with encryption, ensuring that data can only be accessed by authorised users. Using end users’ mobile devices as their mobile token then acts as a second layer of authentication.

Fully stacked Security Tools Without The Stress:   There is a massive range of tools and technologies available to combat cyberattacks, and in the hybrid working environment, it is essential to harness a multi-layered approach. Encompassing standard tools such as anti-virus, anti-malware, and anti-spam should now be a given. 

However, other key technologies to consider include data leakage prevention (DLP) to ensure users don’t send sensitive or critical information outside the network with pattern-matching techniques that detect and prevent sensitive information and files from passing through the network perimeter. Advanced Threat Protection (ATP) protects against zero-day and other sophisticated targeted attacks. This sandbox protection detects, analyses and evades advanced attacks designed to bypass traditional defences (targeting specific people or functions).

Alongside this, the use of firewalls, site-to-site encryption, intrusion detection and prevention and proxy blocking all play a part in minimising hybrid risk. Increasingly, AI and machine learning also play a key role in detecting rogue behaviour, with advancements moving forward at a breakneck pace.

Hope For Hybrid Security

For many organisations managing this encompassing suite of developing technologies proves a burdensome task. Instead, many are turning to real-time and constantly updated managed security services which sit between enterprise networks and the internet. Protecting from external threats and intellectual property leaks, such managed services provide secure remote access to employees wherever they work. 

The recent Slack hack cases show, again, that hackers will use any means and any channel to achieve their goals. As new digital tools become business-critical, more doors will open. By adopting an in-depth, multi-layered approach to security, it is possible to predict, detect, alert and respond to any threats, including those that have yet to emerge.

 David Nelson is Cybersecurity Product Lead at Maintel 

You Might Also Read: 

Microsoft Teams Is Vulnerable To GIFShell Attacks:

 

« EU Parliament Website Knocked Offline
Defending Against North Korea's Cyber Threats »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Microsoft Security

Microsoft Security

Microsoft Security helps protect people and data against cyberthreats to give you peace of mind. Safeguard your people, data, and infrastructure.

RATEL (SRB-CERT)

RATEL (SRB-CERT)

RATEL has been appointed as the National Center for the Prevention of Security Risks in ICT systems of the Republic of Serbia (SRB-CERT).

Capula

Capula

Capula is a leading system integration specialist for control, automation and operational IT systems across all applications and industry sectors.

SBD Automotive

SBD Automotive

SBD Automotive are specialists in automotive technology providing independent research and consultancy to help create smarter, more secure, better connected, and increasingly autonomous cars.

Swisscom Blockchain

Swisscom Blockchain

Swisscom Blockchain is focused on supporting the implementation and adaption of Blockchain-based platforms in enterprises across diverse industries.

Deepwatch

Deepwatch

deepwatch’s cloud SecOps platform and relentless customer focus are redefining the managed security services industry.

Bitcrack

Bitcrack

Bitcrack Cyber Security helps your company understand and defend your threat landscape using our key experience and skills in cybersecurity, threat mitigation and risk.

DKBInnovative

DKBInnovative

DKBinnovative is a best-practice driven IT management firm that provides secure, reliable IT solutions to productivity-focused clients around the globe.

Axio Global

Axio Global

Axio is a leading cyber risk management SaaS company. Our Axio360 platform gives companies visibility to their cyber risk, and enables them to prioritize investments to protect their business.

Ankura Consulting Group

Ankura Consulting Group

Ankura is a global expert services and advisory firm that delivers services and end-to-end solutions in a wide range of areas including cybersecurity and digital transformation.

Blacksands

Blacksands

Blacksands is a leader in network architecture, identity & services management, threat analysis, industrial IoT architecture, and invisible dynamic networks.

SideChannel

SideChannel

At SideChannel, we match companies with an expert virtual CISO (vCISO), so your organization can assess cyber risk and ensure cybersecurity compliance.

CertiProf

CertiProf

CertiProf has been enhancing professional lives since 2015, offering a wide range of IT certifications and agile framework training.

UM6P Ventures

UM6P Ventures

UM6P Ventures is an African based early-stage ventures firm operating two funds; a Digital Transformation fund and a Deeptech Ventures fund.

StrongBox IT

StrongBox IT

Strongbox IT provides solutions to secure web applications and infrastructure.

TerraZone

TerraZone

TerraZone is a global cyber security and privacy solutions provider to governments and enterprises.