Large enterprises, from banks to healthcare, are increasingly using messaging and collaboration tools to improve communication and productivity among their employees. However, a recent report by industry analyst firm International Data Corporation (IDC) has revealed that these apps can instill a false sense of security, putting millions of users at risk for cyberattacks. According to the report, worldwide revenue in the collaboration applications market grew by 28.4% year over year in 2021 to $29.1 billion.
While email remains a popular communication tool among businesses, more sophisticated attacks are happening over messaging apps like Teams and Slack. Unfortunately, many organizations tend to have a myopic view of messaging security and assume that it’s only about email. As a result, they aren’t taking the necessary steps to secure these platforms.
Access tokens, which tie together the scopes and permissions that an app has obtained to interact with the Slack platform, are a prime target for cybercriminals. Hackers can steal a user’s Slack token and impersonate them to send messages to colleagues, asking them to click on a link or download a malicious file. Colleagues typically believe that they are in a trusted environment and are more likely to follow instructions or click on links.
Unlike emails, messaging tools have fewer safeguards in place, making them an easy target for cyber attackers. While email users are frequently warned by the FBI, security awareness training programs, and other organizations to follow basic common sense security protocols, like not to trust emails that ask for urgent things, the same guidance is not available for messaging tools.
Even though collaboration software providers are working on incorporating better security features into their products, companies need more than basic malware scanning as zero-day malware or social engineering tricks are still being missed. Organizations need to include messaging tools as part of their overall comprehensive cloud security strategy.
Here are some immediate countermeasures that companies can take:
– **Don’t federate with everybody.** If a company wants to interact with another company on Slack or another messaging app, they should establish a relationship before doing so, also known as a federation. Companies should build a workflow so that they can initiate a federation with interested parties, but not everybody can federate with their tenants.
– **Question the intention.** Just because a message is sent through a secure messaging app doesn’t mean it’s secure. Companies should check the sender’s intention to confirm the legitimacy of their request.
– **Watch that executable.** People still exchange malicious executables on messaging apps. Companies can limit document exchange only by using filter capabilities built into Slack and Teams.
– **Enhance behavioral analytics and monitoring.** Companies can use tools like CASB to inspect what users or apps are posting, fend off risks like malicious files, and provide visibility into behaviors that are out of norm to allow for remediation.
In addition to the steps mentioned above, companies need to build a culture of security that educates their employees on the potential risks messaging tools may pose. The intimate nature of these apps may foster a false sense of security, but businesses need to ensure that their employees understand the risks of these platforms. With a comprehensive security strategy and employee education, organizations can use messaging tools to improve communication and productivity safely and securely.