• United States




3 ways to avoid Slack attacks

Oct 31, 20173 mins
Application SecuritySecurity

A potential new cybersecurity threat: hacks through Slack.

Credit: Magdalena Petrova

On the heels of National Cybersecurity Awareness Month, now seems like an opportune time to draw attention to a potential new cybersecurity threat: Slack attacks.

It’s no secret that cybersecurity breaches are more prevalent today than ever before. Global ransomware damage costs are expected to surpass $5 billion in 2017, according to research from Cybersecurity Ventures, and cybercrime damage is projected to cost the world $6 trillion annually by 2021. That’s up from $3 trillion just last year.

For those following the news, these numbers, while alarming, may not come as a surprise. From Deloitte to Yahoo, major companies have famously been the victims of devastating email hacks, as have high-profile political figures including French President Emmanuel Macron and Presidential Senior Advisor Jared Kushner. These buzzworthy incidents have raised red flags among organizations, which are now taking strides to enhance email security measures.

Unfortunately, these measures may not be enough. While email remains the primary communication channel among businesses, more and more organizations are leveraging alternative messaging systems to share (often sensitive) information. Slack is one of the most popular of these alternative messaging systems, with 6 million daily active users. And with the platform’s newly announced capabilities – including the channel collaboration feature – the number of Slack users is likely to increase.

Users like Slack for many reasons, including the ability to easily share files and get fast answers on urgent, high priority issues. The problem is that, much like email, information exchanged on Slack can be subject to ransomware attacks.

To prevent security breaches, organizations need to devise strategies that not only reduce the risks of email hacks, but Slack hacks as well. They should:

  • Tighten permissions on what integrations can come through Slack and who controls them. Slack was initially popularized through development organizations that appealed to tech companies. Because the platform was used primarily by tech professionals, users were typically granted the ability to add new applications to Slack. Over time, however, more and more employees outside of the tech function began using Slack. As a result, HR, marketing and sales professionals (among others) can now add new applications to the platform, without deep insight into how these applications work and what other data they can access. Many Slack integrations also connect to other sensitive systems, such as Salesforce (CRM) and Workday (HR). A Slack integration could unwittingly give hackers access to an organization’s “crown jewels.” To the untrained eye, applications may appear to be harmless platform integrations, but could really be malware. By tightening permissions on who can evaluate and control integrations, businesses can better prevent against malware attacks.
  • Evaluate third parties that are specifically focused on improved security for Slack. In recognition of messaging platforms’ vulnerability to hacks, companies have emerged to conduct real-time analysis of hacking activity. By developing reports for partner organizations, these companies can detect issues before they escalate into devastating problems and prevent future attacks from happening. GreatHorn is one such company offering these services.
  • Mimic email security measures. With Slack increasingly replacing email to communicate business issues, organizations should apply the same policies and controls they use to keep email secure to Slack. Businesses may want to consider tasking their IT teams with this now (if they’re not already) to get ahead of the issue.

By abiding by these best practices, organizations will be better equipped to keep internal information out of the wrong hands. And by addressing potential risks, like Slack attacks, before they become real problems, we can demonstrate the true value of National Cybersecurity Awareness Month.


Greg Arnette is the director of data protection platform strategy at Barracuda, a Thomas Bravo company. Previously, Greg was the founder and CTO of Sonian, a cloud archiving company which was acquired by Barracuda in November 2017.

Greg has been a messaging, collaboration, Internet, and networking expert for more than 20 years, and has consulted leading corporations on the management and administration of email systems. Greg has created messaging products and services for over 15 years, starting with AlertWare which was acquired by Netpro, and more recently IntelliReach, which was acquired by Infocrossing in May 2006. Greg has designed leading messaging system solutions for all communication platforms.

Greg is a graduate of the University of Massachusetts, Amherst.

The opinions expressed in this blog are those of Greg Arnette and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.