Slack is big……and just got bigger. The recent Slack IPO proved that. But Slack proved that it was big long ago. Its popular (dare I say ubiquitous) adoption by businesses of all sizes has made Slack, with 10m+ active users, a serious force in the collaboration or business messaging marketplace (according to Datanyze, outside of Microsoft Sharepoint offerings, Slack has the next highest team collaboration market share at 7.1%). While Slack adoption has been rapid, securing Slack communication has not been. Unfortunately this has made Slack a target for attackers and an unmitigated risk for your organization.
How Slack is Used
I use Slack daily for simple co-worker messaging, file sharing, and team collaboration. My use of Slack has surpassed my use of email – because it is easier, more immediate, and more completely solves my working needs. It combines the functionality of texting (it works great on phones!), file sharing and group chat. It provides seamless collaboration with presence sense, archiving, and acts as a springboard to launch other related tools (ex. launch a Zoom video conference session with a simple ‘/zoom’ shortcut command in the Slack message bar). It’s the first app I check in the morning – or second, just behind my appointment calendar.
While Slack’s primary use is for internal teamwork and communication, I’ve also experienced it for external community enhancement – as a vehicle for outside stakeholders to interact and companies to engage customers. For instance, a customer success team might setup shared slack channels that allow them to better support customers together with their partners. A product team might use it to dialog with a select early access customer group about a new release. A marketing team might get feedback on a new campaign idea in a virtual focus group from a customer advisory panel interacting on Slack. The searchable archive functionality in Slack preserves valuable feedback, making it quick for new team or channel members to come up to speed and join the conversation, and easy to find relevant information. Customer peer exchanges and self-servicing, competitive intel gathering from your field force, or channel partner enablement and support can all be greatly enhanced via easy to setup Slack channels. With Slack, community engagement becomes dynamic and digital.
Slack Security Concerns
As with any new medium, along with the good comes the opportunity for abuse – and Slack is a soft target. Fact is most Slack channels today operate in the clear, with little to no controls to enforce policy or appropriate use. Insiders may inadvertently share confidential content inappropriate for outsiders. Files shared within Slack may contain malware or malicious links that evade normal AV/malware inspection.
Communicating with vendors, prospects, and customers is easier than ever using Slack. However, opening up communication channels also opens the door to digital attacks. An irate customer may pollute a customer group chat with vitriolic language or worse, an ill-intent attacker can propagate malware, illegal or stolen content, and scams if they infiltrate a Slack channel.
Is Messaging Your Weakest Link?
Collaboration and messaging tools such as Slack, while powerful, require as much security attention as email or any other digital communication platform in your tool chest. Too often they are unprotected, despite that ignoring or assuming security for these channels can be costly.
In 2017, Slack detected and patched a vulnerability that would have given hackers full access to chat histories, shared files, and other features. Fortunately, the bug was discovered and fixed before any information was leaked. Leaked chat logs could contain embarrassing or private information that hackers would love to exploit, making customers vulnerable to ransomware and extortion, reputational damage or liability. Let’s explore this further.
In the following fictional example, GuitarPlanet, a regional musical instrument retailer, has created an open Slack channel where its customers can buy and sell vintage instruments.
Without proper monitoring, threat actors can easily include links to phishing sites, obtain PII and other intellectual property, or may engage in other behavior that damages GuitarPlanet’s reputation and scams their clientele.
As you can see in this example, one of the channel’s members has included a malicious link that leads to a phishing page to obtain email and Google credentials. ZeroFox analyzes messages in real-time and is able to detect the content of this message to be a phishing site. Furthermore, utilizing ZeroFox’s auto-remediate functionality, ZeroFox can remove this message before it affects other members in the channel.
ZeroFox for Slack Provides Real-time Protection
ZeroFox for Slack protects your internal and external collaboration teams by identifying malicious, inappropriate or confidential content posted in your Slack channels. ZeroFox for Slack is easy to set up, identifies attacks and compromising content in real-time, and provides in-line automated remediation with in-channel alerts. With ZeroFox you can protect your employees and collaboration partners from malicious & inappropriate users, malicious links, malware, ransomware, data loss, insider threats, violence, discrimination, abusive posts, pornography, inappropriate language, credential leakage and more.
To learn more about ZeroFox Slack Protection visit https://www.zerofox.com/slack/.
If you’re a ZeroFox customer, you can download ZeroFox for Slack in the Slack App Directory.