ON-DEMAND WEBINAR: Morphisec's Top 10 Security Predictions - Outlook into 2024
arrow-white arrow-white Watch now

Why Remote Collaboration Applications are the New Zero Day Frontier

Posted by Netta Schmeidler on April 9, 2020
Find me on:

Remote Collaboration Applications are ripe for cyberattack

With shut-down orders closing offices across the country, millions of Americans have started working remotely. Apps like Skype, Zoom, and dozens of others make it relatively easy to remain connected and productive. They’ve become so indispensable, in fact, that Zoom recorded 200 million daily users throughout March, up 20 times since December. 

For users, remote collaboration applications look like a saving grace during a time of uncertainty and anxiety, and the same is true for their employers. But for the IT pros inside of those organizations, various “conference” tools are actually a source of anxiety – or at least they should be. 

Compared to most other enterprise applications, collaboration apps lack robust security posturing, making them particularly vulnerable to zero-day attacks and evasive malware. Those vulnerabilities may have been acceptable when these apps were used occasionally or optionally. Now, however, they’re the foundation of the operation and putting everything at risk in the process.

The Extra Threat of Coronavirus

Remote collaboration applications suffered from security loopholes before the pandemic. But with millions more users now on these apps, the attack surface has expanded significantly – and hackers have noticed. 

Opportunistic by nature, hackers look for the easiest ways to attack the largest number of users and reap the biggest gains. Unfortunately, remote collaboration apps check all those boxes right now, making them an appealing target for every cybercriminal in the world

As companies come to rely entirely on these apps, they must understand the ingrained risk. Not only are they insecure and ripe for attack, the effects of those attacks potentially cut deep. Since these apps serve as the primary connection between collaborators, countless amounts of sensitive, valuable information passes through them. They also provide a springboard for hackers to enter the IT infrastructure and do as they please. 

Running programs through a browser-based plugin rather than an app provides little boost in terms of security. Neither do most existing security protocols since users are often using collaboration tools on personal devices not hardened by the IT team. Some companies won’t experience any ill effects as a result of these apps – but everyone must consider themselves at risk. 

How Developers Drop the Ball

Legacy collaboration apps like Office and Acrobat already have strong defenses in place after years of being exploited and then patched. Instead of scouring for the few remaining vulnerabilities, hackers are going after apps largely created by startups with limited resources, especially in terms of cybersecurity. As a result, most have limited security in place, and where it does exist, it tends to be easy to exploit. 

Zoom has received the worst of the coverage thus far, but major security flaws exist in other popular collaborative apps including Microsoft Teams and Slack. The fast and lean development philosophy behind these apps makes them particularly susceptible to zero-day  attacks. Those loopholes tend to linger, too, since issuing patches may not be the developer’s top priority. 

IT pros accustomed to certain security standards should anticipate that these collaborative tools have their security shortcomings. More importantly , they should take matters into their own hands instead of expecting these apps to suddenly implement ironclad security themselves.

Working Securely with remote collaboration applications

Companies can’t quit using collaboration apps, but they also can’t expose themselves to extra risk at a time of economic uncertainty either. Antivirus programs won’t catch the zero days that threat actors will deploy against these platforms, leaving organizations exposed at a time when they can ill afford the risk. Moving target defense provides the security from zero days that traditional antivirus programs lack, closing the remote collaboration app security loopholes.

In simplified terms, MTD morphs the application memory so that when hackers try to launch the attack, they target what they think is an important asset when in fact they’re falling into a trap designed to capture and neutralize the threat. In that way, MTD empowers organizations to actually start preventing attacks instead of merely minimizing or mitigating them. 

Unlike other defensive strategies, MTD addresses unique vulnerabilities within remote collaboration apps. For instance, it can secure remote endpoints on unreliable home networks and protect SaaS applications like Salesforce running over a browser. MTD also has a lightweight footprint that won’t cause a video conference to lag or create any other performance issues. For the same reason, it doesn’t take significant time, staff, or technical resources to get this defensive asset up and running. 

Though MTD looks tailor-made for this moment, the protection it provides lasts for as long as collaboration apps remain in the company toolkit. Far from being an asset just to survive through COVID-19, it’s the centerpiece of an effective, enduring endpoint security strategy. 

New call-to-action