No Slack In The System

Uploaded on 2022-11-30 in TECHNOLOGY--Resilience, FREE TO VIEW

Hybrid working has made internal comms channels and collaboration tools necessary for most businesses, with Enterprise Instant Messaging (IM) services such as Microsoft Teams and Slack becoming increasingly ubiquitous.

Slack, with an estimated 20m daily users, has become the platform of choice for many of the world’s most prominent organisations, including IBM, Amazon, PayPal and Airbnb. And it is clear why - enabling communication and collaboration between team members, no matter where they are, answers many of the needs of today’s hybrid workforce

However, while giving with one hand, corporate IM services, like Slack, are taking with the other. As well as opening up communication, they are also proving to be a new cyber attack vector that cybercriminals are using to devastating effect. 

Last year, EA Games was the victim of a high-profile cyber attack in which Slack played an integral role. Gaining access to EA’s internal Slack channel, the hacker could pose as an employee to request login information for sensitive files or send files with embedded malware to enable lateral movement and escalation of privileges. Similarly, Uber recently warned employees to stay off Slack after a similar criminal infiltration using phishing methods to persuade an employee to hand over login details. According to EY, 40% of organisations have reported a cyber intrusion directed at their remote work environments. 

Hackers will use any method and any channel to target companies, with comms channels ripe for breaching company defences. However, the answer is not to give up on tools like Slack. It is about reducing exposure to risk while still offering effective connectivity.

A Hybrid Risk Requires Holistic Protection

The post-pandemic boom in hybrid and remote working models has changed the world of work - in many ways, for the better. According to Future Forum research, those working in these models are 52% more likely to say that their company’s culture has improved over the last two years, 11% reported greater work-life balance, 25% less stress, and 6% higher productivity.

There are also risks associated with this shift, with data privacy challenges, increased risk of cyberattacks, limited defense and response capabilities and compliance violations the top concerns,

There is no one solution to these concerns. Instead, organisations must take a holistic approach to hybrid workplace cybersecurity. As always, it takes a combination of people, processes, and technology to keep the doors closed. Here we explore what this looks like in practice. 

Encompassing Employee Engagement:   When employees are dispersed, it is even more crucial that each and every one of them understands and acts on their responsibilities to minimise cyber risk. The headline-grabbing attacks on EA and Uber may have been avoided had employees spotted the signs of phishing. Just as many companies have educated employees on the risks of opening email attachments or verifying the identity of a sender, there has been less focus on communicating those same risks can rear their heads on IM channels, like Slack. When introducing any new platform users must be educated on the types of risks that could present themselves. 

As the Chief Information Security Officer at Softbank recently told KPMG, “Since human error can be considered one of the greatest vulnerabilities in security it’s crucial to eliminate this threat by educating employees and helping them become better digital citizens at work and at home.”

Similarly, employees using their own devices on private networks can throw up numerous issues. Remote access with multi-factor authentication secures data on the move and in the office with encryption, ensuring that data can only be accessed by authorised users. Using end users’ mobile devices as their mobile token then acts as a second layer of authentication.

Fully stacked Security Tools Without The Stress:   There is a massive range of tools and technologies available to combat cyberattacks, and in the hybrid working environment, it is essential to harness a multi-layered approach. Encompassing standard tools such as anti-virus, anti-malware, and anti-spam should now be a given. 

However, other key technologies to consider include data leakage prevention (DLP) to ensure users don’t send sensitive or critical information outside the network with pattern-matching techniques that detect and prevent sensitive information and files from passing through the network perimeter. Advanced Threat Protection (ATP) protects against zero-day and other sophisticated targeted attacks. This sandbox protection detects, analyses and evades advanced attacks designed to bypass traditional defences (targeting specific people or functions).

Alongside this, the use of firewalls, site-to-site encryption, intrusion detection and prevention and proxy blocking all play a part in minimising hybrid risk. Increasingly, AI and machine learning also play a key role in detecting rogue behaviour, with advancements moving forward at a breakneck pace.

Hope For Hybrid Security

For many organisations managing this encompassing suite of developing technologies proves a burdensome task. Instead, many are turning to real-time and constantly updated managed security services which sit between enterprise networks and the internet. Protecting from external threats and intellectual property leaks, such managed services provide secure remote access to employees wherever they work. 

The recent Slack hack cases show, again, that hackers will use any means and any channel to achieve their goals. As new digital tools become business-critical, more doors will open. By adopting an in-depth, multi-layered approach to security, it is possible to predict, detect, alert and respond to any threats, including those that have yet to emerge.

 David Nelson is Cybersecurity Product Lead at Maintel 

You Might Also Read: 

Microsoft Teams Is Vulnerable To GIFShell Attacks:

 

« EU Parliament Website Knocked Offline
Defending Against North Korea's Cyber Threats »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Thales

Thales

Thales provides solutions, services and products that help its customers in the defence, aeronautics, space, transportation and digital identity and security markets to fulfil their critical missions.

Matias Consulting Group (MCG)

Matias Consulting Group (MCG)

Your Business needs competitive and resilient ICT solutions. MCG defines, deploy & support them enabling you to focus on your core business.

Langner

Langner

Langner is a software and consulting firm specialized in cyber security for critical infrastructure and large-scale manufacturing.

CNA Insurance

CNA Insurance

CNA offers a market-leading suite of cyber liability insurance products and risk control resources for businesses of all sizes.

GMV

GMV

GMV is a technological business group offering solutions, services and products in diverse sectors including Intelligent Transportation Systems, Cybersecurity, Telecoms and IT.

Kinnami Software

Kinnami Software

Kinnami is a data security company that equips organizations with the tools they need to secure and protect highly confidential documents and data.

SAIFE

SAIFE

SAIFE has adapted a Software Defined Perimeter approach and paired it with a Zero Trust model that defines access by the user, their device, and where they are located.

Intechtel

Intechtel

Intechtel is a cyber security company, in addition to providing other internet, technology and telephone services.

LeadingIT

LeadingIT

Leading IT provides IT support, cloud computing, email support, cybersecurity, networking and firewall services to Chicagoland businesses.

Switchfast Technologies

Switchfast Technologies

Switchfast Technologies is an IT consulting and managed services provider, offering IT support and consulting to Chicagoland small businesses.

Netlinkz

Netlinkz

Netlinkz has developed the Virtual Secure Network (VSN) overlay technology platform, a breakthrough in connectivity security, speed, and simplicity.

Dutch Institute for Vulnerability Disclosure (DIVD)

Dutch Institute for Vulnerability Disclosure (DIVD)

DIVD's aim is to make the digital world safer by reporting vulnerabilities we find in digital systems to the people who can fix them.

Intaso

Intaso

Intaso are a boutique head hunting and talent solution firm with specialist Cyber and Information Security expertise.

SecOps Group

SecOps Group

SecOps Group is a boutique cybersecurity consultancy helping enterprises identify & eliminate security risks on a continuous basis.

Google Safety Engineering Center (GSEC)

Google Safety Engineering Center (GSEC)

GSEC Málaga is an international cybersecurity hub where Google experts work to understand the cyber threat landscape and to create tools that keep users around the world safer online.

InfoTrust

InfoTrust

InfoTrust is a leading specialised cybersecurity practice that combines a customer-first consulting approach with next-generation security solutions.