Microsoft Teams Security. PHOTO: Cybercrime Magazine.

More Remote Workers Means More Cyber Attacks

Microsoft Teams and Slack are not fully secure

Gil Friedrich

New York City, N.Y. – Feb. 25, 2021

If you are one of the tens of millions of users who started using Microsoft Teams in the last year, you’ve likely increased your organization’s ability to work remotely.

What you may not realize, though, is that you’ve also opened up your organization for more attacks.

By default, Microsoft Teams, like many collaboration and file-sharing apps, is not fully protected. Links in the chat are not scanned; files are scanned but not instantaneously and only for basic issues, meaning that malware can stay there for hours.

Additionally, like with all major collaboration and file-sharing apps, sensitive information can easily be shared and forwarded outside the organization. An Avanan analysis found that medical personnel, in particular, freely share sensitive information on Teams in ways that they do not on email. The email hygiene that many have been working on for years has not necessarily transferred to other applications.

Further, external members can easily be added to channels; compromised accounts can happen internally or externally, leading to widespread attacks. Visibility into who is actually in your environment can be tough to come by.

The very collaborative nature of these apps is one of the reasons why they’re open season for attacks. Additionally, Avanan has found, in general, that users tend to operate on these platforms as if they’re internal only. They’re not. Anyone, from any organization, can be invited. In one attack, a partner organization had been compromised. For over a year, the hacker behind the compromised account bided their time, waiting for the perfect moment to strike.


Cybercrime TV: Gil Friedrich, Founder & CEO at Avanan

Protecting Office 365 inboxes from phishing attacks


Though the attack — a remote trojan that would’ve installed silently upon a file downloaded — was stopped, think for a second about the implications. If hackers are willing to wait for up to a year before striking, it begs the question: how many hackers are silently waiting right now in your collaboration apps? With limited visibility, and with it being difficult to tell who’s a legitimate external user and who isn’t, without the proper tools it may be impossible to know.

If email is protected, but file sharing isn’t, consider the following scenario: A hacker makes their way into OneDrive. From there, they spread their tentacles to SharePoint and Teams, compromising accounts, stealing data and information and infecting systems. Email doesn’t have to be touched. Yet major attacks can still occur.

Protecting email, but not collaboration and file-sharing is like having a car with three doors. You’re somewhat protected, but not fully. In today’s environment of rapidly increasing phishing, ransomware and malware, being somewhat protected is just not good enough. The best way to respond is with full-suite protection. 

An Avanan survey of over 500 IT managers and leaders found that 76.1 percent of respondents either strongly agree or agree that the vulnerabilities Slack and Teams pose is a security threat that needs to be addressed. Further, many IT leaders, according to the survey, believe they’ll need to adopt protections for these services within the year.

How, then, to best secure these apps?

You need some essential protections across file sharing and collaboration apps:

  • Malware and URL protection
  • A DLP solution that detects leaks of Personally Identifiable Information (PII), HIPAA and other sensitive information
  • An anomaly engine that detects all logins and events for suspicious activity
  • Files scanned and analyzed for malicious links, which are then blocked across the entire suite
  • A detailed, all-in-one dashboard that updates administrations on users, files, shares, logins, channels and threat detection across all apps

Business happens across tons of apps. You’re solving problems in real-time with co-workers on Teams, forwarding funny GIFs on Slack, sharing and creating files on Google Drive and, of course, emailing.

All of those actions, and apps, can — and will — be hacked. Leaving only some of them protected is a recipe for disaster.

In 2021, security needs to be total. The only way to do that is by securing the entire suite with industrial-strength protections.

Start a Demo to Experience the Power and Simplicity of Avanan

Avanan Archives

Gil Friedrich is co-founder and CEO at Avanan.


About Avanan 

Avanan is a cloud email security platform that pioneered and patented a new approach to prevent sophisticated attacks. We use APIs to scan for phishing, malware, and data leakage in the line of communications traffic. This means we catch threats missed by Microsoft while adding a transparent layer of security for the entire suite and other collaboration tools like Slack.

Avanan catches the advanced attacks that evade default and advanced security tools. Its invisible, multi-layer security enables full-suite protection for cloud collaboration solutions such as Office 365™, G-Suite™, and Slack™.  The platform deploys in one click via API to prevent Business Email Compromise and block phishing, malware, data leakage, account takeover, and shadow IT across the enterprise. Avanan replaces the need for multiple tools to secure the entire cloud collaboration suite, with a patented solution that goes far beyond any other Cloud Email Security Supplement.