Digital security company ESET evaluated the business and entertainment life, which started to slide into the virtual world, from the perspective of cyber security. We have moved to a new dimension in working, socializing and playing games with cloud-supported applications both in our hands and in our pocket devices. Users are not just passive spectators in a network of virtual environments, but active participants who create their own communities and shape others. It's almost impossible to escape this hybrid life. So maybe we have only one option left, and that is to fight bravely but carefully.
With the pandemic, many people and institutions had to compensate for the losses experienced because they gave up working conditions in the physical environment. The virtual transition has begun as individuals and institutions turn to tried and tested connectivity solutions such as Microsoft Teams, Slack and Zoom, which combine rich communication features with support and productivity tools. Along with Skype and Skype for Business, they were all well-known companies before our “new normal”; however, the transition to hybrid work, education and gaming has increased the popularity of these platforms. Shared access and shared files, parallel business processes, instant messaging and more services such as cloud-based solutions have become easily accessible. But there is also the other side of the coin.
Anything that becomes quite popular also attracts attackers. This also applies to cloud-based solutions. Cloud-based cyberattacks accounted for 2020 percent of all cyberattacks in 20. As the popularity of cloud-based services does not decrease, the interest of attackers does not disappear.
Launched in 2017, Microsoft Teams is currently the fastest growing Microsoft app and communication tool. Annual Teams users increased by almost two cards in 2020 and 2021, with 2022 million users in 270. Most of the users in question are people in the 35-54 age range of working age. Although it is designed for business purposes, Teams, which is the choice of most people, is now widely used for educational purposes and plays a role in people's private lives. Although Microsoft Contact stands out as a comfortable option among communication applications, it also carries some risks. In 2021, a vulnerability was discovered in Teams that allowed insiders to steal email, Teams messages, and OneDrive and SharePoint files. More recently, in August 2022, a post-attack risk emerged from Teams preserving access tokens on disk in plain text. Risks like this mean that cloud-based solutions are more vulnerable than on-premises solutions and therefore need a dedicated layer of cloud-based protection.
Another cloud-based video conferencing solution that has become popular in recent years is Zoom. This Peer-to-Peer (P2P) software platform has exploded during the pandemic as people started working, socializing and participating in events online. Widespread use of Zoom has of course attracted the attention of many malicious people. The platform has experienced many data breaches since 2020. In the early days of the pandemic, more than 500 million usernames and passwords were leaked on Zoom.
Similarly, productivity app Slack fell victim to its success, claiming to reduce the need for email by 32 percent and meetings by 27 percent. This instant messaging platform allows users to make voice calls and video calls. sohbetto make and special sohbetIt allows you to post messages and media files, either in social media or as part of a community (workspace). Slack also carries security vulnerabilities and risks to users. A new vulnerability was reported in 2019. In this attack, attackers exploited a vulnerability in the Slack Desktop app for Windows to replace the download location of files sent over a Slack channel, installing malware on those files and stealing them. One of the most prominent downsides of Slack is its open community feature, which allows large groups to connect with each other. Like email, Slack has become an excellent carrier for phishing attacks and spam.
The hybrid workplace we live in has the power to transform. What started as business apps turned into social communication platforms, opening up a whole new channel for security and privacy risks. With the transition of businesses to the social field, the services on these platforms are being replaced by other services. But they are not alone in this task. They constitute a force within platforms undergoing change. Popular communication applications such as Facebook, Telegram and Bumble constitute another strength. Although they are basically social media applications, they also have the power to transform. These appear to have been redesigned for corporate users and carry with them both success and new cyber risks.
Günceleme: 16/01/2023 14:21