[BreachExchange] How Are Apps Like Slack And Dropbox Vulnerable To Attack?
Destry Winant
destry at riskbasedsecurity.com
Mon Jul 30 23:14:20 EDT 2018
https://hackercombat.com/how-are-apps-like-slack-and-dropbox-vulnerable-to-attack/
According to a recent survey report, many big IT decision-makers see
Enterprise Communication and Collaboration (EC&C ) apps like Slack,
Dropbox, etc as being vulnerable to cyberattack. The survey was
conducted by Israeli cybersecurity firm Perception Point and comprised
five hundred respondents representing different industries. The
respondents were from medium and large enterprises that had 1000-plus
employees. The survey covered “at work” EC&C apps (Slack, Microsoft
Teams etc), enterprise social networks (Yammer, Jive etc), shared
virtual workspaces (IntraLinks, SharePoint etc) and file sharing and
syncing apps (Dropbox, OneDrive etc).
A Channel Partners report, which discusses the Perception Point survey
report in detail, says, “Yoram Salinger, Perception Point’s CEO, tells
Channel Partners that unlike email, EC&C apps like shared drives and
messaging aren’t typically fortified with advanced security measures.
“This means that files and URLs shared in these channels aren’t being
deeply scanned for malicious content,” he said. “Intrusions can occur
when users interact with third parties on unmanaged endpoints, by
hackers using impersonation techniques, and even by insider threats
who have easy access. IT teams need to be aware that their attack
surface is increasing as the adoption of these apps grows. While they
remain very important business productivity tools, shared drives,
messaging, and anywhere files or URLs that are exchanged need to be
just as secure as email is.”
It’s also reported that almost 80% of organizations have between 2 and
10 of these apps; 90% of all respondents surveyed have stated that the
use of these EC&C apps has increased in the past one year. More
interestingly, 75% of the respondents have decided to invest in more
of these apps in the near future. This is to be viewed with some
concern as most of these apps, as Yoram Salinger points out, don’t
have advanced security. To be noted is the fact that almost 80 percent
of all respondents in the survey have confirmed that shared drives and
messaging platforms are used by employees in their organizations to
share files, URLs etc. This causes concern as content sent through
these shared drives and messaging platform are mostly left unscanned
by the existing security tools.
The Perception Point survey report also says that two-thirds of the
companies covered in the survey have faced a cyber attack at least
once in the past one year. 78 percent of companies felt that the
attacks are becoming increasingly sophisticated and that the hackers
are not employing advanced hacking techniques to exploit
vulnerabilities. They also manage to bypass the more fortified access
points (like email) very often. This seems to indicate that
cybercriminals are now targeting such unprotected channels (the EC&C
apps) along with targeting emails as well. So organizations would
definitely have to think of ways to protect these platforms as well.
The survey report also points out something very notable. Of all the
companies covered in the survey, only 5% have used outside security
vendors to extend their built-in protection. Despite these apps being
targeted by attackers, companies and cybersecurity teams seem to be a
bit indifferent in securing them. It seems that more discussion has to
happen regarding these and only such discussions could perhaps make
companies fortify defenses regarding these channels.
The Channel Partners report once again quotes Perception Point CEO
Yoram Salinger, who says- “There is now a big opportunity for IT to
leverage the move to the cloud to streamline security portfolios with
more holistic, agile solutions that are able to keep pace with the
innovations of hackers and protect multiple channels without
increasing costs, complexity or causing delays. IT needs to start
adopting solutions that are built for the cloud enterprise, while also
staying relevant within the threat landscape today and tomorrow.”
More information about the BreachExchange
mailing list