Story image

At-work collaboration apps most vulnerable to cyber attacks

27 Jul 2018

A study released by Israeli cybersecurity firm Perception Point this week has unearthed evidence that enterprise IT decision makers cast a wary eye over collaboration and social applications in the workplace.

According to a survey of 500 decision makers across several industries, 80% believe that cloud collaboration tools are very vulnerable to cyber attacks.

These tools include messaging and team platforms (e.g. Slack, Teams); enterprise social networks (e.g. Yammer, Jive); shared virtual workspace (e.g. IntraLinks, SharePoint); and file sharing apps (e.g.) Dropbox, Box, OneDrive).

Two thirds of respondents say their companies have been attacked via these channels at least once in the last year, and 78% say the attacks are increasing in sophistication.

But that’s not likely to stop the flood of tools in the workplace, as employees use more tools to maximise their efficiency and accessibility.

The survey found that 80% of respondents use between two and ten applications in their organization; while 75% say they will invest more in these apps in the near future.

Organisations are also directing IT budgets and resources to implement these platforms, but the security blind spots are still going unaddressed.

80% of respondents say employees in their organisations share files and URLs via shared drives and messaging platforms. This content isn’t being scanned by existing security tools.

“The findings of this survey underscore the urgent need that exists for EC&C security solutions,” comments Perception Point CEO Yoram Salinger.

“As more organisations adopt these essential applications, they are inadvertently expanding the number of channels that hackers can leverage to distribute malicious content. Perception Point has developed a security solution that allows CISOs and security experts to stay one step ahead of cyber criminals and take the appropriate precautions before it’s too late.”

The survey also shows that only 5% of companies have extended their in-house cybersecurity protection through the use of outside security vendors.

Perception Point says this underscored the limited adoption of third party enhancements.

Despite being the target of attacks via these channels, cybersecurity teams remain somewhat behind in fortifying their defenses, in large part due to limited category discussion of the issue.

Chillisoft rounds out portfolio with file integrity vendor
Tripwire is the fourth vendor for Chillisoft in six months, adding critical security controls, vulnerability management and file integrity monitoring.
ESET researchers break down latest arsenal of the infamous Sednit group
At the end of August 2018, the Sednit group launched a spear-phishing email campaign, in which it distributed shortened URLs that delivered first-stage Zebrocy components.
Google 'will do better' after G Suite passwords exposed since 2005
Fourteen years is a long time for sensitive information like usernames and passwords to be sitting ducks, unencrypted and at risk of theft and corruption.
Who's watching you? 
With privacy an increasing concern amongst the public, users should be more aware than ever of what personal data companies hold.
Fake apps on Google Play scamming users out of cryptocurrency
Fake cryptocurrency apps on Google Play have been discovered to be phishing and scamming users out of cryptocurrency, according to a new report from ESET.
Optic Security Group celebrates Axis accolade
Auckland-based business security systems provider Fortlock has picked up an award at Axis Communications’ annual Oceania Axis Partner Summit 2019.
Managing data to comply with privacy regulations - Micro Focus
It’s crucial for organisations to be able to access, understand, and accurately classify the data they have so they know how to treat it.
Hackbusters! Reviewing 90 days of cybersecurity incident response cases
While there are occasionally very advanced new threats, these are massively outnumbered by common-or-garden email fraud, ransomware attacks and well-worn old exploits.