The Uber Breach Demonstrates Why We Built Aware
by Aware
It’s time to tackle security and compliance in collaboration platforms like Slack, Microsoft Teams, Workplace and Zoom
Uber says the cybersecurity incident that recently made headlines began with malware on a contractor’s cellphone. That malware extracted a corporate password, which was sold on the dark web. The hacker who purchased the password sent repeated 2-factor authentication requests to the contractor’s phone until one was eventually accepted, granting him access to the Uber account.
From there, the hacker was able to access several of Uber’s internal systems and accounts, including Google Workspace, AWS, OneLogin and HackerOne. The infiltrator also posted in a companywide Slack channel announcing the breach.
With control regained, Uber has now revealed what the hacker did during the breach. Despite accessing several sensitive systems, there is no evidence he changed any code or targeted customer data. Instead, the hacker took Slack messages.
It does appear that the attacker downloaded some internal Slack messages, as well as accessed or downloaded information from an internal tool our finance team uses to manage some invoices. — Uber press release
Was the Uber breach the work of a naive threat actor who wanted to embarrass the company and didn’t know what to do with the information at his disposal? Or is the breach just the start of Uber’s PR nightmare?
What Risks Live in Your Slack Data?
If somebody breached your Slack (or Teams, or WebEx…) and exfiltrated company messages, would you be worried? Or are you confident that your collaboration tools are free from sensitive information, confidential conversations and intellectual property?
Let's face it — collaboration tools like Slack are great for getting work done, but the amount of value embedded in these conversations make them an exponentially growing security risk. — Jeff Schumann, Aware Co-Founder & CEO
Aware was founded by a team of enterprise collaboration experts who saw the value of the new tools they managed — but also realized their risks. Our platform uses smart technology to monitor collaboration messages in real time and identify potential risks before they become part of your collaboration dataset.
How Bad is Collaboration Risk Really?
Our research shows that business leaders need to be worried about what their employees are saying in collaboration. We analyzed over a million enterprise collaboration messages, and what we found was disturbing.
The fact is, unless a business manages their collaboration platform and proactively removes unwanted content, it exists in their dataset right now. And it only takes a threat actor minutes to exfiltrate huge volumes of messages. Over a year, an organization with 5000 employees will generate 30 million collaboration messages. How many of them contain passwords, IP, sensitive data or content that’s simply embarrassing to the company if it becomes public?
Aware Helps Organizations Reduce Collaboration Risk Exposure
At Aware, we believe that real-time compliance and acceptable use monitoring is the only way to effectively tackle security and compliance in collaboration tools. In the modern digital workplace, there’s too much at stake to be anything but proactive about data security.
Using Aware, security teams can minimize the impact of a Slack or collaboration breach by proactively drawing attention to unusual behavior, identifying hot spots that represent value that could be stolen, and by removing potentially damaging information before a malicious party can access it. Further, they can strengthen their breach readiness through Aware’s continuous and intelligent data observability, which enables immediate investigation and response.
That’s why some of the biggest companies in the world trust Aware to help them take control of their collaboration tools. Contact us today to learn more about how Aware can help you improve your risk posture and shine headlights onto the blind spots in your collaboration tools.