Internet Cyber Security Digital Concept
Can’t you attend Transform 2022? Check out all the summit sessions in our on-demand library now! look here.
Microsoft Teams may be the world’s The largest enterprise communications platform. During the COVID-19 pandemic, it has become a critical space for business users to stay productive.
Teams has over 270 million monthly active users. The pandemic helped the platform’s users accelerate from 75 million in April 2020 to 115 million in October 2020 and 145 million in April 2021.
Overall, Gartner recorded a 44% increase in employee use of collaboration tools since 2019 to the extent that 80% of employees use collaboration tools for work in 2021 . The door to some serious vulnerabilities.
MetaBeat will Gathering thought leaders in San Francisco on October 4 to provide guidance on how Metaverse technologies are changing the way all industries communicate and do business, CA.
For example, versions of Teams for Windows, Mac, and Linux store authentication tokens in plain text on the underlying device, according to research published yesterday by Vectra. This is important because it means that if an attacker compromises a system where Teams is installed, they can access authentication tokens along with other information.
This vulnerability highlights the inability of enterprises to rely on the security of consumer-grade, public-grade communications platforms when transmitting sensitive information, IP, and other data.
How serious is the Microsoft Teams vulnerability?
This isn’t the first time collaboration tools like Teams have been criticized for being insecure. Earlier this year, Avanan saw a significant increase in cyberattacks on Microsoft Teams, with threat actors using chats and channels to spread malicious .exe files.
These new vulnerabilities are another gap in the application armor designed to be an enterprise-grade communications platform.
“Essentially, this is still [the] unresolved problem of attackers with local access stealing cookies and other web credentials,” said John Bambenek, Chief Threat Hunter at Netenrich Say. “That’s not to say it’s not important. The fundamental problem is that an attacker can steal the cookie and use it on any number of machines to replay an authenticated machine.”
” I’d like to see developers and tech companies send these credentials hashed with some local machine-specific information, so cookies and credential relay attackers are completely gone,” Bambenek added.
Problems with collaborative applications
Collaborative applications are not immune to vulnerabilities. Like any browser-based software, they are potentially buggy and can be the target of web-based attacks and phishing attempts.
Just recently, a vulnerability in Slack exposed the hashed passwords of some users over five years. About a year ago, attackers used stolen cookies to hack into EA Games’ personal communication channels, allegedly stealing 780GB of data including FIFA 21 source code.
The problem isn’t that solutions like Slack or Microsoft are particularly weak, it’s that they’re not optimized to keep up with the level and state funding of sophisticated threats cybercriminals target modern organizations actor.
Despite these weaknesses, many organizations continue to share protected information through these channels. According to Veritas Technologies, 71% of office workers worldwide admit to using virtual collaboration tools to share sensitive and business-critical company data. So what can organizations do?
Limit the risks of collaborative applications
Vectra reported the new Teams vulnerability to Microsoft in August, but the latter disagreed that the severity of the vulnerability required patching.
In any event, businesses that handle and manage trade secrets or regulated information need to be cautious about using communications applications that put high-value data at risk. That doesn’t mean they should stop using communication apps altogether. But it does mean they should implement strong controls to reduce the risk of data breaches.
As a Deloitte report points out, “Collaborative technologies, while critical during the virtual work surge, can pose a threat to an organization’s security and privacy if not managed properly. Serious threats. As these technologies expand their reach and penetration in business operations, organizations should pay close attention to potential threats, develop controls where feasible, and improve service availability.”
In practice, controls include the use of strong random passwords of choice, the use of Cloud Access Security Broker (CASB) solutions to identify data breaches, implementation of platform content guidelines, and deployment of web application firewalls to detect application-layer attacks.
The Mission of VentureBeat will become technology decision makers with access to transformative enterprise technology and management. Read about our newsletter.