Virtualization Technology News and Information
Avanan 2023 Predictions: Focusing on Collaboration and File Sharing Security


Industry executives and experts share their predictions for 2023.  Read them in this 15th annual series exclusive.

Focusing on Collaboration and File Sharing Security

By Jeremy Fuchs, Cybersecurity Researcher/Analyst at Avanan, A Check Point Software Company

If you get an attack in Slack or Microsoft Teams, how would you respond? What about in OneDrive or Google Drive? Would you be prepared? Would your users even notice?

Also, how many times have you received a suspicious text message or voicemail? Have you received it on your work phone?

Let's face it, much modern work gets done on file-sharing and collaboration apps, with the use of mobile phones contributing significantly. The new manner in which work is done is not merely the "virtual water cooler". Business decisions are made, data flows at the speed of business,files are shared back and forth. It's not just the virtual water cooler. (Although it certainly serves that purpose.) File-sharing and collaboration apps are the new hub of business.

With increasing amounts of internal communication taking place on these apps, more stakeholders are able to utilize the communications systems. Robust communications environments like these can open up opportunities for major attacks.

Channels are not a priority to be fully protected. Phishing training is covered in email, but it hasn't yet transitioned to these other apps. Think about this facetious, but real, example: In Slack or Teams, any user can change their name. Sometimes it's a funny joke or nickname. But there is nothing stopping a hacker from entering a Slack environment, changing their name to that of an employee, and wreaking havoc. How would you, as an end-user, know the difference?

Enterprises will need to re-think their security strategy for collaboration, mobile and file-sharing in 2023 and beyond. Hackers will begin to expand their phishing efforts into these channels, and larger organizations will begin to see more targeted, sophisticated attacks that are aimed at every line of communication, which we are already starting to see.

Earlier in 2022, hackers were beginning to leave comments in Google Docs that would include a malicious link. All the hacker has to do is mention the subject's email and will get directly sent to the user's email. They don't even have to interact with the document-just click on the link that shows up in the email.

Consider this attack from earlier in 2022, where hackers dropped malicious executable files in Teams conversations. These files write data to the Windows registry, install DLL files and create shortcut links that allow the program to self-administer. We saw thousands of these attacks at its peak.

In a similar case when we were first doing a POC with a potential customer, as we do in every trial, we scanned their OneDrive instance for malware. We found a malicious document that had been sitting in an OneDrive folder for over three years. Fortunately for that customer, no one engaged with that file.

Earlier this year, we also scanned and stopped a malicious Roblox Trojan that, we suspect, was mistakenly uploaded to someone's work OneDrive folder. The threat can be accidental, too. Whenever you do work, there is a possibility of a threat.

These applications, like email, are communication channels that also require security. The security includes malware scanning and protection, URL rewriting, DLP, and compliance tools. Every file should be scanned in a sandbox before downloading, and if malware or ransomware is found, the file should be quarantined. Sensitive information, like social security numbers or personal health information, should not flow freely. Similar to email, if there are enough suspicious qualities about a file or message in a chat environment, the suspicious file should not reach the end-user.

We believe that the attacks of the future will be synchronized and target multiple vectors. Protecting just one vector is no longer sufficient for proper safeguarding.

Conclusion A holistic approach is necessary, one that encompasses the entirety of the network. Otherwise, a simple Slack message could have devastating consequences.



Jeremy Fuchs 

Jeremy Fuchs is the content manager for Avanan, a Check Point Company, the leading cloud email and collaboration solution.

Jeremy can be reached online at and at the company website

Published Monday, November 07, 2022 7:32 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<November 2022>