October 29, 2018 - Writing - ComputerWorld
As the remote work Gaining ground in the corporate world, interest in messaging platforms such as Slack, Discord, and Telegram offers APIs for integration with other enterprise systems.
As with any other corporate trend, hackers have more of this opportunity to act. This strategy is not difficult to understand, as chat solutions - like any communication platform - are often used to share sensitive information that can be used for fraud or attack. This is what alerts Trend Cybersecurity Solutions Specialist.
The company listed three reasons for companies to be alert about chat usage.
Command & Control Connections (C&C)
According to Trend Micro's own research, virtually all chat system APIs can be similarly exploited, allowing connections to C&C servers under hacker control. This way attackers can use the company's own chat as a C&C environment, supporting connections to other infected systems. This makes room for a wide variety of malicious processes, including data theft and malware attacks.
A platform for malware
Speaking of malicious infections, Trend Micro researchers have found that chat platforms can be used to receive and distribute malware to their victims. Discord, for example, can be used by hackers to store malicious code such as file infectors and bitcoin miners for the purposes of system theft and crypto-hijacking. Cybercriminals have also used Telegram to distribute parts of ransomware such as TeleCrypt, which encrypts victims' systems and their data, and demanding ransom payments for their release.
In general, all of these instances have one aspect in common: exploiting their APIs for malicious use.
The fact that hackers are able to use platform APIs makes it difficult for chats to secure, especially because blocking these features would prevent legitimate use of the program. Thus, according to Thiago Bacellar, Trend Micro Brazil Sales Engineer recommendation, what companies can do to improve chat security is, by addressing potential information leaks through chats, not focusing their defenses on unified points in a single layer of security. “By addressing these multi-layer security breaches along with highly visible information monitoring of potential data theft, companies are already evolving the security of these platforms,” he said.
“The qualification of a potential awareness committee within companies by clearly and objectively passing on how employees should handle sending or accessing these platforms appropriately, making those who have access to such platforms do so in a way that will not harm business and corporate information, ”added Bacellar.
THE [SAFEWAY] is a widely recognized company as a provider of premium information security and cybersecurity solutions. From its extensive portfolio, we highlight several solutions, including those based on platforms:
- Archer da RSA Security, considered by the institutes Gartnerand Forrester and by the market itself, the most complete process integration solution for Governance, Risk Management, Compliance and Business Continuity Management;
- [SAFEWAY]Security Tower, supported by IBM Qradar (Watson technology), tailored to each organization in its security and cyber defense management needs.
- And others, involving technologies Imperva, Thales, BeyondTrust, Manly, WatchGuard Technologies
