Email remains the biggest source of online attacks, but the surge in remote work has forced IT to look beyond email for cybersecurity, toward collaboration tools.

Key Points:

  • The global pandemic made almost everyone a work-from-home employee overnight, forcing IT to provision a number of cloud applications – such as Zoom, Slack, and Microsoft Teams – all at once.
  • While these tools have been critical to keep businesses moving during the pandemic, they are not immune to attacks from threat actors.
  • Governance and legal oversight must play a role along with IT to secure and manage this new attack vector.

In March 2020, when much of the world became remote workers, tools that had previously been taken for granted became critical infrastructure overnight. Zoom, Slack, Microsoft Teams, and others have played key roles in facilitating collaboration and communication in the last 14 months; in fact, the State of Email Security (SOES) 2021 reported that 98% of IT and cybersecurity professionals from 10 countries across five continents are making use of team-building and productivity software.

On its face, this widespread adoption of collaboration tools is a good thing: it means we’re engaged during remote work. It becomes a problem when these tools are overlooked as attack vectors, as they so often are. According to the research, Safeguarding Collaboration Tools for the Remote Workforce, these platforms are just as susceptible as email to attacks from threat actors.

Security and Compliance for Collaboration Tools

Remember the concerns around Zoom-bombing[i] and Zoom security a year ago? It was not uncommon for users to experience unwanted guests taking over their meetings and potentially viewing sensitive or private information. How about the business continuity issues and phishing fears from Microsoft Teams[ii] users? Microsoft Teams experienced 70% growth in daily active users of Teams in one month.[iii]

These concerns have been somewhat mitigated due to improved user savvy and of course, meeting passwords, but these platforms still struggle to protect against greater threats than an unwanted person joining a meeting. And now that these platforms have been rapidly adopted by thousands of organizations globally, it’s incumbent on security, IT, and governance professionals to properly configure them for security to avoid inadvertently creating a new attack vector.

Threat Actors Can Use Collaboration Tools

According to the SOES 2021 report, “This swell of digital activity has presented cybercriminals with numerous new openings for social engineering attacks. To wit, during 2020, the Mimecast Threat Center detected a 64% rise in threat volume compared to 2019.”

Threat actors are skilled at pivoting their method of attack to align with user behavior. The attacks are constant; SOES respondents indicated they had been impacted by ransomware (61%), phishing (63%), and impersonation attacks (42%) delivered via email.

With these staggering numbers in mind, the challenge of inferior security that collaboration platforms have to contend with remains. If organizations adopt these platforms too rapidly – which risks sub-optimal configurations for security – it could create a new attack vector that allows threat actors to pivot their attacks. And, that new attack vector can be impacted by the same tactics and techniques that are used in email, like phishing, weaponized attachments, account takeover, and impersonation.

These attacks can be multi-faceted; consider the possibility of an email notification that invites a user to a Microsoft Teams chat that is actually a phishing attack, compromising credentials and allowing an attacker access to that user’s contacts and channels. Those channels can be internal or external, which also run the risk of compromising the supply chain.

Users are already prone to mistakes; this is especially true as the lines between home and work have blurred and increasingly sophisticated phishing attacks target employees, who become less careful or aware when they’re distracted by a possibly stressful home environment. Another channel of communication elevates risk even further.

The Bottom Line

The attack surface is naturally expanding in the remote work – and increasingly, the hybrid work – eras. It’s not a question of whether employees need collaboration platforms like Microsoft Teams, Slack and Zoom to do their jobs; these are critical communications channels that go beyond email.

Many companies are stepping up their strategic thinking on how threat actors take advantage of collaboration platforms, and business leaders must square their need to balance worker productivity with the need for legal and compliance professionals to protect organizations from risk.

Join Mimecast’s Governance, Risk and Compliance Day along with experts including Forrester Research’s Cheryl McKinnon and Osterman Research’s Michael Osterman on June 8 to get actionable advice on how to stay ahead of emerging trends.

[i] Beware Zoom Users: Here’s How People Can ‘Zoom-Bomb’ Your Chat, Forbes 

[ii] Cloud Collaboration Tools Show Leadership in Business Continuity, Cyber Resilience Insights

[iii] What Does the Zoom Boom Mean for E-Discovery?,

Want more great articles like this?Subscribe to our blog.

Get all the latest news, tips and articles delivered right to your inbox

You may also like:

Mimecast’s State of Email Security 2021 Reveals Pandemic Email Threats

New study examines how companies are res…

New study examines how companies are responding to the cyber… Read More >

Elliot Kass

by Elliot Kass

Contributing Writer

Posted Apr 20, 2021

A Guide to Web Application Penetration Testing

Web application penetration testing is n…

Web application penetration testing is necessary for securin… Read More >

Mike Azzara

by Mike Azzara

Contributing Writer

Posted May 13, 2021

ROI Analysis: Streamlining E-discovery

Effective e-discovery software can elimi…

Effective e-discovery software can eliminate 87% of a corpor… Read More >

Elliot Kass

by Elliot Kass

Contributing Writer

Posted Mar 17, 2021