Slack is quickly becoming the most popular tool for organizations to communicate – but does it pose security risks?
By Joel WittsUpdated Nov 24, 2022
Slack is a collaboration hub for businesses that has
exploded in popularity over the last five years. It now has 10 million daily
active users, making it by far the leading platform for live chat within
businesses. Slack boasts that it’s being
used by ‘65 of the top Fortune 100’ companies. Their internal statistics tell
us that 85,000 businesses, from SMBs to large enterprises, are now using the
paid tier of Slack within their organization.
This huge number of users represents an opportunity for
hackers to utilize the platform to infiltrate networks and gain access to
sensitive data. So, how secure is the Slack platform and should your
organization be thinking of security solutions to protect this attack vector?
Is Slack Secure?
When Slack first launched in 2013, it was branded as a
friendly alternative to Microsoft’s team tools. You could communicate instantly
using this platform, with group messages and full conversation logs. This made
it instantly attractive to businesses looking for an easy to way to instantly
share messages, with integrations with other business apps.
However, in 2015 Slack
was hacked, revealing the holes in its security. The company announced that
over four days it’s systems had been hacked, compromising some of its users’
data. This included email addresses, usernames, encrypted passwords. Slack also
noticed some suspicious actives on user accounts, suggesting at least some
accounts became compromised. A
compromised Slack account from a CEO or executive level position could cause as
many security issues as a compromised email account. This hack led Slack to
implement two-factor authentication.
Just this week, another security vulnerability was uncovered in Slack that allowed hackers to remotely exploit a vulnerability in slack to alter where files sent though Slack are downloaded, allowing them to inject malware or alter information, as reported by Threatpost. This bug has now been patched, but the attack surface for Slack remains large.
Open Communities and Phishing attacks
Slack features ‘open communities,’
which allow large groups of people to communicate easily. Channels can be
opened with any individuals, and a username is all a user has to verify the
identity of the person they are speaking to.
This means that like email, Slack
has become a platform where users must be vigilant about looking out for
phishing attacks and spam messages. Because Slack is invite-only, users assume
that their workspace is secure, but this is not always the case.
In 2017, a group of hackers used an account pretending to be a ‘Slackbot’, which sent out a phishing attack directing people to a fake site where their financial details were collected.
These types of phishing attacks
through Slack could be potentially much more damaging than a similar campaign would
be through email.
In an interview with Expert Insights, President and CTO of SafeGuard Cyber Otavio Freire argued that “people have learned to distrust what they see in an email. But with new technologies, they haven’t experienced that reason to distrust yet.”
Slack themselves, while removing the infected accounts, have put the onus on security teams to protect themselves from phishing attacks telling Ethnews “we encourage team admins and members to be vigilant, and to review and enforce basic security measures.”
So how can business protect themselves while
Security solutions for Slack
Like email, Slack is an
incredibly useful and productive communications tool for businesses. Also, like
email, businesses will not stop using Slack because of the security concerns.
Slack has provided security vendors a way to create security solutions for Slack using their open source APIs. This has allowed vendors to create multiple security apps for Slack that can be easily be installed straight from the app browser menu within Slack itself. These solutions are an ideal way for businesses to protect themselves from security threats while using Slack.
Avanan, a vendor known for
their CASB solution, has created a security platform for Slack that provides URL
filtering, protects businesses from malware, identifies and blocks accounts
that have been hacked, and provides a full administration dashboard. This can effectively
protect businesses from phishing links and compromised accounts on Slack.
Other companies, like SafeGuard Cyber, have established a platform for compliance, archiving and security on Slack. This provides businesses with cyber defence by evaluating all Slack messages, images, attachments and links for malicious content. It also provides them with real time compliance but archiving messages.
Our top recommendations for Slack security tools include:
Avanan is a cloud email, messaging and collaboration protection platform that uses advanced anti-malware, sandboxing, and threat detection engines to enable protection for a range of SaaS applications, including Slack, Teams, Office 365, Google Workspace, Box, DropBox, Google Drive and OneDrive. Avanan was acquired by Check Point in 2021 and leverages their market leading malware protection engines.
Avanan provides a range of key security features for Slack. The Avanan “Slack-Bot” provides data control, removes malicious content, and alerts users to security risks. All files shared and received in Slack are scanned for malware or ransomware, and all malicious files are automatically removed from user chat windows. This helps to keep your digital work environment secure, however you choose to communicate with colleagues.
We recommend Avanan as a strong security tool for Slack, providing enhanced protection against malware and ransomware. It’s a particularly strong solution for organizations looking for an all-in-one SaaS collaboration and communication security platform, for email, instant messaging, and file sharing applications.
Netskope is a global leading cybersecurity provider for enterprises, providing solutions across cloud, data and network security. Netskope protects thousands of customers globally, including more than a quarter of the Fortune 100. Netskope’s solution for Slack provides enhanced visibility and control for Slack deployments, with management over security policies to ensure Slack messages and files are kept protected.
A key feature of this solution is data loss protection. Netskope provides enhanced visibility into Slack messages and file sharing, allowing admins to see details of any files shared, specifying where they have been shared to, preventing the leaking of sensitive files. This module is readily integrated into Netskope’s Intelligent SSE security cloud, a market leading security stack for the cloud including Zero Trust, email security, endpoint protection, a secure web gateway and more.
We recommend Netskope for large enterprise organizations looking for Slack protection across a large user base. It improves Slack controls, and via integrations with Netskope’s cloud security platform enables protection against cloud threats and unauthorized data movements.
All businesses should be considering the security of Slack and the steps they can take to make sure their employees and sensitive data and financial information sent through Slack is safe.
Simple steps to enhance the security of Slack are to make sure that no employees share any sensitive business information or private account deatails through Slack. Everyone should also be using two-factor authentication, to minimize the risk of account compromise.
Businesses’ should also consider using one of the security solutions outlined earlier in this article. If Slack is replacing email for your internal business communications, having an established security solution in place will become vitally important in protecting your business data.
About Expert Insights:
Expert Insights provides leading research, reviews, and interviews to help organizations make the right IT purchasing decisions.
Joel Witts is the Content Director at Expert Insights, meaning he oversees articles published and topics covered. He is an experienced journalist and writer, specialising in identity and access management, Zero Trust, cloud business technologies, and cybersecurity. Joel has conducted interviews with hundreds of industry experts, including directors at Microsoft and Google. Joel holds a First Class Honours degree in Journalism from Cardiff University.