
Are You Vulnerable to Slack Spycraft?

Is your team at risk of corporate espionage or data leaks on Slack? Discover how cybercriminals exploit messaging platforms and what you can do to protect your business from Slack spycraft.

HR software giant Rippling leveled an explosive allegation of corporate espionage against Deel, a prime competitor to Rippling. In a blog post outlining its lawsuit against Deel and crackling with outrage, Rippling accused Deel of planting a spy within its payroll operations team in order to “conduct thousands of suspicious searches and funnel stolen confidential business intelligence directly back to Deel.”

This story highlights the profound vulnerability of traditional enterprise collaboration solutions that open the door to dangerous, disruptive, and potentially debilitating data compromise and exfiltration.

Slack: Best Supporting Actor? Or a Toxic Enabler?

The storyline proceeds like something out of a movie plot, and Slack plays a fascinating supporting, or shall we say “enabling” role.

As coverage from TechCrunch detailed, Slack played a major role in the skullduggery and the discovery thereof. According to the lawsuit, the employee who had no legitimate purpose to access the trade secrets was somehow able to freely search Slack channels over 6,000 times to find and leverage confidential sales pipeline data.

The narrative related to Slack focuses on the fact that the Rippling team used analysis of the unusual Slack activity to flag the employee’s sustained, high volume of search in these sensitive channels. They then created a honeypot Slack channel, sent a “tip” to Deel senior executives that this channel would interest them, and then immediately observed the employee snooping in that otherwise unused and empty channel. Mind-blowing if true.
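The two signals in that account, sustained search volume in sensitive channels by someone with no need-to-know and any touch of a honeypot channel, can be sketched as follows. This is an added example, not Rippling's tooling or code from the lawsuit; the event format, user and channel names, and threshold are all assumptions, and the format is not Slack's real audit schema.

```python
from collections import Counter

# Constructed sample events in a hypothetical normalized format:
# (user, action, channel). Not Slack's real audit schema.
SAMPLE_EVENTS = (
    [("u_payroll_7", "search", "sales-pipeline")] * 40   # out-of-role, high volume
    + [("u_sales_2", "search", "sales-pipeline")] * 55   # in-role, high volume
    + [("u_sales_2", "view", "sales-pipeline")] * 10
    + [("u_payroll_7", "view", "canary-channel")]        # honeypot touched
    + [("u_eng_4", "search", "eng-general")] * 70        # not a sensitive channel
    + [("u_eng_9", "search", "sales-pipeline")] * 3      # out-of-role, low volume
)

# Assumed policy inputs: who has a business reason to use each sensitive
# channel, which channels are decoys, and how many out-of-role searches
# in the analysis window are tolerated.
NEED_TO_KNOW = {"sales-pipeline": {"u_sales_2"}}
CANARY_CHANNELS = {"canary-channel"}
SEARCH_THRESHOLD = 25


def detect(events, need_to_know, canaries, threshold):
    """Return {user: sorted reasons} for users who tripped either signal."""
    out_of_role = Counter()
    alerts = {}
    for user, action, channel in events:
        if channel in canaries:
            # A decoy channel has no legitimate users, so any event alerts.
            alerts.setdefault(user, set()).add(f"canary:{channel}")
        elif (action == "search" and channel in need_to_know
              and user not in need_to_know[channel]):
            out_of_role[(user, channel)] += 1
    for (user, channel), count in out_of_role.items():
        if count >= threshold:
            alerts.setdefault(user, set()).add(
                f"search-volume:{channel}:{count}")
    return {user: sorted(reasons) for user, reasons in alerts.items()}


if __name__ == "__main__":
    hits = detect(SAMPLE_EVENTS, NEED_TO_KNOW, CANARY_CHANNELS,
                  SEARCH_THRESHOLD)
    for user, reasons in hits.items():
        print(user, reasons)
```

The in-role user with more searches is not flagged, which is the point: volume alone is noisy, and the need-to-know mapping is what separates the two cases.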

In this narrative, Slack is cast as a protagonist, aiding the discovery of the breach. Which seems very nice. However, this ignores a massive problem that the narrative leaves out: the fact that Slack enabled a random employee with no “need-to-know” to access highly sensitive data. That’s not a good supporter of data protection and privacy; that’s a toxic enabler of bad behavior and exfiltration.

Zero Trust is Busted in Traditional Collaboration Suites

While it is appropriate to applaud the vigilance of the Rippling team, it does raise the question: Why is all this confidential data so open to discovery by any rando in the company? 

The answer is that Slack, Teams, and their ilk architected their products and sold the market on keeping the lowest possible security that will pass a corporate sniff test. Zero Trust is simply not a default part of the picture. Channels tend to be wide open, with no meaningful segmentation. And even if channels are kept “private”, they aren’t secure. In Slack, data isn’t encrypted end-to-end, so anyone with admin access can get to everything.

The negligent approach to zero trust architecture extends to many other examples, such as how Microsoft Teams approaches federations. This isn’t a mistake; it’s by design. As Jen Easterly, the former Director of the U.S. Cybersecurity and Infrastructure Security Agency, said at a past Black Hat conference, “For decades, technology vendors have been allowed to create defective, insecure, flawed software.”

Disney Shows How Much Worse It Could Have Been

Rippling got burned by this insecure approach to collaboration. But it could have been far, far worse. The prime case study in getting absolutely torched by Slack’s zero-trustworthy security is Disney. They lost a massive trove of sensitive data because an admin was compromised and exfiltrated a Terabyte (!!!) of confidential information from their Slack instance. Sound familiar?

What if the spy wasn’t just interested in Deel deals (pun intended)? What if they were more nefarious? What if they were employed by a criminal syndicate and intended to leverage that confidential communication to deeply infiltrate systems and plant ransomware? Or what if a hacktivist was out for blood and just wanted to maliciously leak information out to the world and tank the entire company’s value and brand?

Secure Collaboration is a Must-Have

If your organization is exposing highly confidential information in open or even private Slack channels, you’re taking significant risks. Sure, somebody might be a hero for being able to use Slack forensics to figure out why the company got hacked and crushed, but what good is it to analyze how the horses got out of the barn when they’re a thousand miles away?

Adopting a secure collaboration suite for sensitive communication is simply a must-have today. The world is becoming far less secure as more governments become “transactional” in their regard for the privacy and sovereignty of corporate and consumer data. Meanwhile, predators only need to succeed once to cripple or even kill your business.

Even if you choose to keep much of your non-sensitive communications on a mainstream platform, a secure collaboration solution is essential to meet key use cases that require greater protection:

  • Board communications
  • Crisis communications
  • Out-of-band backup communications

In fact, for critical infrastructure organizations in the EU that are covered by NIS2 regulation, maintaining a secure communications platform is a requirement under Article 21 to cope with IT outages, disaster scenarios, and cybersecurity incidents.

Wire is the Go-To for Enterprise-Class Secure Collaboration

The good news is that with Wire, you can get a full-featured, easy-to-use collaboration suite with the most powerful end-to-end encrypted communications available, including post-quantum cryptography support. Wire’s end-to-end encryption (E2EE) platform, the first that is entirely powered by IETF standard Messaging Layer Security (MLS), is not only incredibly robust but delightfully invisible to users. Wire offers thoughtful administrative controls that meet the needs of the most security-conscious organizations while keeping it simple for organizations that just need a protected Out-of-Band (OOB) communications platform that can be easily adopted on the spur of the moment.

If your organization doesn’t have appropriate protection for its sensitive communications today, don’t wait until you’re part of a drama like Rippling and Deel. 

Alex Henthorn-Iwane

Tech marketeer. I like readin' and writin' about cloud, data, networking, monitoring, DevOps.
