Content collaboration is key — so is protecting your enterprise from its threats

Remember the days when workplace collaboration meant everyone was sitting in a conference room handing out printed documents and sharing presentations via a projector?

We’ve come a long way since then. Digital content collaboration platforms dominate the market: Slack, Trello, Monday, Salesforce and others have become household names. These tools have quickened the pace of business operations by allowing content and work to become more accessible to colleagues, partners and customers from wherever they are, on whatever device at any given moment. 

Content collaboration platforms are a great resource and have had an immense and positive impact on productivity. But it’s no secret that even the most prominent software is not immune from being used for malicious purposes.

The cyber threats associated with content collaboration software are often more unique and difficult to detect than email-based threats — we’re leveling up from the days of bad grammar and spelling and asking for gift cards! Hackers are stepping up their game and these aren’t the same types of threats entering your email inbox (or being directly filtered to your spam folder). 

Malicious content comes in different forms

Would it surprise you if I told you one of the most shared file types in collaboration software is gifs?. Enabling the use of gifs can enhance user experience, and arguably one of the most popular is Giphy. It has been so ingrained in our brains that malicious content comes in via the form of Word docs, Excel spreadsheets or PDFs that we don’t consider innocent-looking images and .gif files to be harmless, but they certainly can be. 

It is important to realize how most of today’s attacks occur. For starters, many attacks begin with compromised legitimate credentials, meaning you cannot always trust that the person you are communicating with is who they say they are.

Let’s say Becca, your colleague in the marketing department, has her Slack account hijacked. The threat actor is scrolling through her Slack direct messages and sees that you share gifs with her daily. All the attacker has to do is find a standard gif and embed malicious code deep within a pixel — this is not very complex and is also fairly inexpensive.

You, the recipient, would think nothing of this and would click on the image and open the organization up to a full network exposure and attack. Compromising one individual can lead to lateral network movements that jeopardize the entire organization. The error is not on the end user or the collaboration platform. These attacks are too advanced for the everyday user to detect and collaboration software is often not equipped with the necessary security features to thwart these threats. 

On the other hand, within some collaboration software such as Google Drive, videos (or animations) of a certain size do not play natively. Users would have to download the file — before they even have an idea of what the clip is — which could potentially trigger a payload if the file was malicious.

The same goes for zip files, especially those that require a password to open. Users don’t always know the contents they’re unpackaging, leaving threat actors the ability to bury malicious code deep within files being shared. 

Do you really know what your security posture looks like?

We all know that any workplace software has limitations in regards to the protection it provides, and that the onus is on the enterprise to integrate the proper guardrails. But that doesn’t stop many of us from having implicit trust in these platforms. The truth of the matter is that while these platforms do offer some level of security measure, not all of them are able to offer the advanced security measures necessary to prevent unknown threats, leaving gaps that hackers can learn to evade.

For example, many large enterprise-grade content collaboration platforms only use an antivirus program to prevent malicious content from being uploaded and shared among users. That may seem like a positive feature until you realize that antivirus programs cannot catch zero-day threats. The proliferation of zero-day exploits make this a very prominent gap in security protection. 

Secondly, often patches or updates issued by the collaboration software need to be installed by the organization. It’s rarely an automated fix, and if automatic fixes are available, you cannot always trust that it works — this has been a previous complaint with major collaboration platforms.

The frequency of patches and updates can be overwhelming (Slack for Windows has already issued several updates in 2023 alone.) Sure, many of these updates are minor bug fixes, but some are significantly more dangerous, like the recent Microsoft Teams vulnerability that takes advantage of Microsoft’s default configuration to reach employees and deliver malware. Sometimes, you cannot afford to let a patch or update sit for an extended period of time. 

Considering more than just productivity 

Collaboration software is a valuable tool when used securely. I am a huge advocate for finding avenues to accelerate productivity, but not at the hands of security. As a technologist, my areas of expertise span across the product lifecycle and in my prior roles I have always focused on building software with security and usability as a priority. So, before your organization fully embraces content collaboration platforms, I urge security leaders to consider the following: 

• A healthy dose of ‘fear’: We’ve reached a point where users are conditioned to be careful with email — time has proven this — but collaboration tools are not treated the same. I would never want users to be scared of interacting with content in collaboration software, but currently there is an overwhelming, and dangerous, assumption that these environments are inherently safe. With the purpose of collaboration in mind, we need to recognize the fact that there is work to be done and extra steps need to be taken to keep these areas safe from malware and harm.
• Extending security awareness: Remember, some attackers can fool users into believing they are an internal user and pass along malicious content. Educating and training employees on what these threats may look like, and providing general best practices for using collaboration tools safely is beneficial to all parties.  

These are high-level considerations, and as your organization continues to embrace and scale its usage of collaboration tools, dig deeper into security mechanisms and bolster your defenses.

 Aviv Grafi is founder and CTO of Votiro.