No Slack In The System

Hybrid working has made internal comms channels and collaboration tools necessary for most businesses, with Enterprise Instant Messaging (IM) services such as Microsoft Teams and Slack becoming increasingly ubiquitous.

Slack, with an estimated 20m daily users, has become the platform of choice for many of the world’s most prominent organisations, including IBM, Amazon, PayPal and Airbnb. And it is clear why - enabling communication and collaboration between team members, no matter where they are, answers many of the needs of today’s hybrid workforce.

However, while giving with one hand, corporate IM services, like Slack, are taking with the other. As well as opening up communication, they are also proving to be a new cyber attack vector that cybercriminals are using to devastating effect. 

Last year, EA Games was the victim of a high-profile cyber attack in which Slack played an integral role. Gaining access to EA’s internal Slack channel, the hacker could pose as an employee to request login information for sensitive files or send files with embedded malware to enable lateral movement and escalation of privileges. Similarly, Uber recently warned employees to stay off Slack after a similar criminal infiltration using phishing methods to persuade an employee to hand over login details. According to EY, 40% of organisations have reported a cyber intrusion directed at their remote work environments. 

Hackers will use any method and any channel to target companies, with comms channels ripe for breaching company defences. However, the answer is not to give up on tools like Slack. It is about reducing exposure to risk while still offering effective connectivity.

A Hybrid Risk Requires Holistic Protection

The post-pandemic boom in hybrid and remote working models has changed the world of work - in many ways, for the better. According to Future Forum research, those working in these models are 52% more likely to say that their company’s culture has improved over the last two years, 11% reported greater work-life balance, 25% less stress, and 6% higher productivity.

There are also risks associated with this shift, with data privacy challenges, increased risk of cyberattacks, limited defense and response capabilities and compliance violations the top concerns,

There is no one solution to these concerns. Instead, organisations must take a holistic approach to hybrid workplace cybersecurity. As always, it takes a combination of people, processes, and technology to keep the doors closed. Here we explore what this looks like in practice. 

Encompassing Employee Engagement: When employees are dispersed, it is even more crucial that each and every one of them understands and acts on their responsibilities to minimise cyber risk. The headline-grabbing attacks on EA and Uber may have been avoided had employees spotted the signs of phishing. While many companies have educated employees on the risks of opening email attachments and on verifying the identity of a sender, there has been less focus on communicating that those same risks can rear their heads on IM channels, like Slack. When introducing any new platform, users must be educated on the types of risks that could present themselves.

As the Chief Information Security Officer at Softbank recently told KPMG, “Since human error can be considered one of the greatest vulnerabilities in security it’s crucial to eliminate this threat by educating employees and helping them become better digital citizens at work and at home.”

Similarly, employees using their own devices on private networks can throw up numerous issues. Remote access with multi-factor authentication secures data on the move and in the office with encryption, ensuring that data can only be accessed by authorised users. Using end users’ mobile devices as their mobile token then acts as a second layer of authentication.

Fully Stacked Security Tools Without The Stress: There is a massive range of tools and technologies available to combat cyberattacks, and in the hybrid working environment, it is essential to harness a multi-layered approach. Encompassing standard tools such as anti-virus, anti-malware, and anti-spam should now be a given.

However, other key technologies to consider include data leakage prevention (DLP), which ensures users don’t send sensitive or critical information outside the network by using pattern-matching techniques that detect and prevent sensitive information and files from passing through the network perimeter. Advanced Threat Protection (ATP) protects against zero-day and other sophisticated targeted attacks. This sandbox protection detects, analyses and evades advanced attacks designed to bypass traditional defences (targeting specific people or functions).

Alongside this, the use of firewalls, site-to-site encryption, intrusion detection and prevention and proxy blocking all play a part in minimising hybrid risk. Increasingly, AI and machine learning also play a key role in detecting rogue behaviour, with advancements moving forward at a breakneck pace.

Hope For Hybrid Security

For many organisations, managing this encompassing suite of developing technologies proves a burdensome task. Instead, many are turning to real-time and constantly updated managed security services which sit between enterprise networks and the internet. Protecting from external threats and intellectual property leaks, such managed services provide secure remote access to employees wherever they work.

The recent Slack hack cases show, again, that hackers will use any means and any channel to achieve their goals. As new digital tools become business-critical, more doors will open. By adopting an in-depth, multi-layered approach to security, it is possible to predict, detect, alert and respond to any threats, including those that have yet to emerge.

 David Nelson is Cybersecurity Product Lead at Maintel 
