The Petya Ransomware Attack – A Viral Threat to Your Organization Internally and Externally

Posted by Matt Prentis on June 28, 2017

We’re going to paint a picture here for you. You are just doing your job.

You are collaborating online with a colleague on this month’s status report, using your organization’s communication platform (e.g. Chatter, Slack, Yammer, etc.), in addition to the ‘New Vision’ project. Clearly you are also working on some very high-level projects, by the way.

Then, both you and your colleague, members of Team 1 within your communication platform, get a notification and message within a group of 150 people, from the Team Lead. That status report needs to be updated ahead of schedule. Now the whole team knows the pressure is on you.

Then you get a link from another teammate that could be a URL applicable to your status report, or maybe it’s relevant to your New Vision project – but it doesn’t look like it’s from Sam. Still, you have implicit trust in what he sends you, so you click on it.

What you didn’t realize is that you have now effectively launched a virus. This is how cyber attacks start, and this is how successfully targeted attack campaigns expose unknowing or unsuspecting employees and launch dangerous code via digital channels.

That’s it – that’s how simple and easy it is for a highly malicious and damaging virus to launch and proliferate internally at an organization, where controls are not in place to consistently monitor, detect and protect against these threats. Digital sprawl carries a ton of risk. But so many companies and employees do not think this way.

The Risks Extend Well Beyond Email

With the buzz on the Petya ransomware virus that has swept through Europe, India, and the US, you can see how easy it is for employees to make bad decisions in the wake of the fact that they are under attack.

The Petya attack, very much like last month’s WannaCry attack, leverages the same vulnerability, a backdoor exploit called EternalBlue, and encrypts hard drives in addition to files, which most ransomware attacks target first. So far organizations are tracking over 2,000 separate attacks, including major banks in Ukraine, with a spread to at least Denmark, Russia, the UK and the US.

Early reports indicate that companies such as Maersk, the global leader in worldwide shipping with 16% market share, have now experienced a global outage as a result of being hit by the Petya ransomware attack.

While Petya is dominating the current news cycles, the message has been clear – don’t click on suspicious emails or links within those emails. Great – but what about these enterprise communication platforms that are rapidly augmenting and, in many cases, replacing email?

Or how about your organization’s social media presence? With the skyrocketing adoption of such communication and social platforms throughout organizations, these should be equally scrutinized and protected against digital risks that are normally attributed to email.

These communication platforms are internal to your organization. You can’t just tell someone not to click on something that looks suspicious in email – what if it’s not in email? And with social media we are talking about external exposure, with added risks including account hijacks and takeovers.

The point is that a malicious link can be served up anywhere, in any digital platform you use, whether it’s a simple virus that can be neutralized quickly, or a purpose-built virus that is part of a larger campaign.

Click on it and it goes viral, with serious consequences. Here’s how Social SafeGuard can help.

Powerful Detection, Monitoring, and Remediation for Enterprise Communication Platforms

Our strength is in protecting companies across enterprise communications platforms like Slack, Chatter, Yammer, Skype for Business, and SharePoint – as well as across social media platforms like Facebook, LinkedIn, Twitter and Instagram.

The Social SafeGuard platform can identify threats and malicious content/URLs through real-time monitoring of content across enterprise communications platforms.

We can do this because we detect known malicious domains as part of our ability to continuously scan content, and then find the source of that content based on the wealth of feeds and threat intelligence we leverage.

That malicious link could be included in the body of a post, or embedded into an attached PDF or a Word doc rather than the post content itself. That link could also be included somewhere within a Web page or article that is referenced in the post. We can identify the malicious link regardless of where it presents itself, and remove it so it doesn’t proliferate.

We are able to roll that entire platform across thousands of users back to a safe state. And we can execute an automated take-down of the content, URL, or file attachment, by performing a cleansing sweep of every account.

For example, if a potentially malicious URL made its way into a Slack or Chatter conversation at a company, we would automatically remove the content and notify the appropriate personnel for additional investigation – but the point is we can remove it quickly. You can’t do this by simply restricting access and privileges, or by relying on your firewall to notify you.
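The kind of scan described above, written here as an added illustration and not Social SafeGuard’s own code: it pulls URLs out of a post body, out of text extracted from an attachment, and (one hop out) out of a page the post links to, normalises the host and matches it and its parent domains against a stand-in for a known-malicious-domain feed. The feed entries, hostnames, sample post and the `fetch_page` stub are all constructed for the example.

```python
import re
from urllib.parse import urlparse

# Constructed stand-in for a threat-intelligence feed of known-malicious domains
# (not real indicators); a real scanner refreshes this from its feeds.
MALICIOUS_DOMAINS = {"evil-updates.example", "bad-cdn.example"}
URL_RE = re.compile(r"https?://[^\s<>\"')\]]+", re.IGNORECASE)

def extract_urls(text):
    """Return every http(s) URL in a post body, attachment text, or fetched page."""
    return URL_RE.findall(text)

def host_of(url):
    """Normalise a URL's host: lowercase, credentials/port stripped, no trailing dot."""
    return (urlparse(url).hostname or "").rstrip(".")

def is_known_malicious(host, feed=MALICIOUS_DOMAINS):
    """Match the host or any parent domain (never the bare TLD) against the feed,
    so cdn.evil-updates.example is caught by an entry for evil-updates.example."""
    labels = host.split(".")
    return any(".".join(labels[i:]) in feed for i in range(len(labels) - 1))

def scan_message(message, fetch_page=None, feed=MALICIOUS_DOMAINS):
    """Scan one chat post: its body, the extracted text of its attachments and,
    one hop out, the pages its body links to. fetch_page maps URL -> page text
    (an offline stub below). Returns [(url, where_found), ...] for every hit."""
    findings = []
    for field in ("body", "attachment_text"):
        for url in extract_urls(message.get(field, "")):
            if is_known_malicious(host_of(url), feed):
                findings.append((url, field))
    if fetch_page is not None:
        for link in extract_urls(message.get("body", "")):
            for inner in extract_urls(fetch_page(link) or ""):
                if is_known_malicious(host_of(inner), feed):
                    findings.append((inner, "page linked from body: " + link))
    return findings

# Constructed sample post (hypothetical hosts) and an offline stub for linked pages.
SAMPLE_POST = {
    "body": "Status report draft: https://intranet.example/report "
            "and background reading at https://news.example/article1",
    "attachment_text": "Template: http://CDN.evil-updates.example:8080/template.docx",
}
SAMPLE_PAGES = {"https://news.example/article1": "<a href='https://bad-cdn.example/x'>more</a>"}

def sample_findings():
    """Run the scanner over the constructed post; two hits are expected."""
    return scan_message(SAMPLE_POST, fetch_page=SAMPLE_PAGES.get)
```

The parent-domain match avoids substring false positives (notevil-updates.example is not flagged) while still catching subdomains of a listed domain.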

Detection, Monitoring and Remediation for External Social Media

Due to the highly public nature of social media, the inherent risks here are even more profound. Anyone can comment on a publicly-facing social media site – perhaps your organization’s Facebook page. Such comments can contain inappropriate or otherwise malicious content, which is immediately available to a wide audience.

Or worse yet, the account could be hacked – resulting in the account or page being defaced and/or malicious, inappropriate, or sensitive content being posted out through the account.

Social SafeGuard can again help detect and remediate these types of issues – automatically blocking or removing the offensive posts as well as reverting any changes to the account or page profile.

This level of risk detection and remediation is no longer a luxury, but rather a necessity given the visibility and easy proliferation of attacks across widely used enterprise communication and social platforms. The Petya attack is another clear illustration of definitive targeting by an attacker, and there will be more. The consequences of not taking proactive and corrective action are severe. We are here to help companies with their Digital Risk Monitoring and Management challenges.

Tags: Social Media Security, Social SafeGuard