There is no better business chat application than Microsoft Teams. The COVID-19 epidemic has brought it to the forefront as a vital area for businesses to continue to function properly. More than 270 million people use Teams each month. The pandemic has seen the number of platform users grow to 115 million by October 2020 and 145 million by April 2021, up from 75 million in April 2020. Since 2019, Gartner has seen a 44% increase in employee use of collaboration tools, with an expected overall adoption rate of 80% by 2021.
However, this widespread adoption of these technologies has made them vulnerable to a number of serious security flaws.
The Teams app for Windows, Mac and Linux, for example, stores login tokens as plain text on the underlying device, as demonstrated by a study published yesterday by Vectra. This is important because it means that an attacker who successfully compromised a system on which Teams is installed could obtain the authentication tokens along with other information. This flaw demonstrates the danger of relying on the security of consumer, public communication platforms to transmit sensitive business data such as IP addresses.
How dangerous is the Microsoft Teams vulnerability?
Communication tools such as Teams have already been called out for lack of security. Avanan found an increase in cyberattacks launched using Microsoft Teams earlier this year, with attackers spreading malware through conversations and platform channels. These new security flaws are another weakness in programs designed to be used as enterprise-level communication platforms.
According to John Bambenek, chief threat hunter at Netenrich, the issue of attackers with local access collecting cookies and other site credentials remains unresolved. But that doesn’t diminish its importance. One of the main problems is that once an attacker gets a cookie, he can use it to impersonate that machine on any other device.
To prevent attacks on cookies and credential relays, Bambenek suggests that “developers and IT businesses supply these credentials encrypted with some unique local machine information.”
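One way to apply that suggestion, as an added example that is not code from the article, Vectra or Microsoft: a stored token is encrypted with a key derived from local machine information, so a copied file fails to decrypt on another device. The function names, the `machineInfo` string and the sample values are assumptions; a machine identifier that a local attacker can also read only protects against replay of the copied file elsewhere, and an OS-backed keystore is the stronger choice.

```javascript
const crypto = require('node:crypto');

// Derive a 256-bit key from machine-unique data plus a per-install salt.
// machineInfo is an assumption: e.g. an OS machine ID read by the caller.
function deriveKey(machineInfo, salt) {
  return crypto.scryptSync(machineInfo, salt, 32);
}

// Encrypt a token with AES-256-GCM; returns a JSON-safe record for disk.
function sealToken(token, machineInfo) {
  const salt = crypto.randomBytes(16);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', deriveKey(machineInfo, salt), iv);
  const ct = Buffer.concat([cipher.update(token, 'utf8'), cipher.final()]);
  return {
    salt: salt.toString('base64'),
    iv: iv.toString('base64'),
    tag: cipher.getAuthTag().toString('base64'),
    ct: ct.toString('base64'),
  };
}

// Decrypt a record; returns null when the key (machine) or data does not match.
function openToken(record, machineInfo) {
  try {
    const key = deriveKey(machineInfo, Buffer.from(record.salt, 'base64'));
    const decipher = crypto.createDecipheriv('aes-256-gcm', key, Buffer.from(record.iv, 'base64'));
    decipher.setAuthTag(Buffer.from(record.tag, 'base64'));
    return Buffer.concat([
      decipher.update(Buffer.from(record.ct, 'base64')),
      decipher.final(),
    ]).toString('utf8');
  } catch (err) {
    return null; // GCM tag check failed (wrong machine or tampered file) or bad record
  }
}

// Constructed sample values, not real identifiers or tokens.
const MACHINE_A = 'machine-id-aaaa-constructed';
const MACHINE_B = 'machine-id-bbbb-constructed';
const SAMPLE_TOKEN = 'sample-session-token-constructed';

const record = sealToken(SAMPLE_TOKEN, MACHINE_A);
console.log('stored record contains plaintext:', JSON.stringify(record).includes(SAMPLE_TOKEN));
console.log('opened on machine A:', openToken(record, MACHINE_A));
console.log('opened on machine B:', openToken(record, MACHINE_B));
```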
The problem with app collaboration
Unfortunately, even collaboration programs can have security flaws. They are susceptible to web attacks and phishing efforts, and they contain major vulnerabilities just like any other browser program. Some hashed passwords have been exposed for five years because of a bug in Slack that was only recently discovered. About a year before that, hackers used stolen cookies to break into EA Games’ internal messaging system, where they stole 780 GB of data, including the source code for FIFA 21.
It’s not that services like Slack or Microsoft are inherently unreliable, but that they are not updated often enough to keep up with the more sophisticated cyber-attacks and government-sponsored hacking campaigns targeting modern enterprises.
Yet many businesses still use these methods to transmit sensitive data, despite their known vulnerabilities. Veritas Technologies found that 71% of office workers worldwide admitted to using virtual collaboration tools to share confidential or highly sensitive information about the firm. So what options do businesses have?
Limiting the risks of collaborative applications
Vectra reported a new vulnerability in Teams to Microsoft in August, but the software giant didn’t think it was serious enough to merit a patch. In any case, businesses dealing with trade secrets or regulated information should exercise caution when using messaging applications that disclose sensitive information to the public. Nevertheless, they should not rely solely on stand-alone communications. However, this does mean that businesses need to establish strict safeguards to prevent leaks of confidential information.
While collaboration tools are indispensable in the current era of remote working, they also pose serious risks to an organization’s security and privacy if they are not used effectively, according to the Deloitte report. Organizations should monitor security risks, implement controls when possible, and prioritize services as these technologies continue to permeate all aspects of operations. Implementing content rules for platforms, building a web application firewall, and using Cloud Access Security Broker (CASB) solutions for data discovery are all examples of measures that can be put into practice.