![[New Wave] In the Hybrid Work Era, Prioritize Security of Collaboration Tools First](https://cphoto.asiae.co.kr/listimglink/1/2021111608151622145_1637018116.jpg)
As remote and work-from-home arrangements have prolonged due to COVID-19, the number of companies building a 'digital workplace' that enables flexible work without spatial constraints has rapidly increased. Along with this, the use of collaboration tools to enhance work efficiency and continuity online has also surged explosively.
According to Microsoft (MS), the usage of the work collaboration tool 'Teams' increased by approximately 1000% within the month of March 2020, when the COVID-19 pandemic fully took hold. Although the world is gradually recovering from the global pandemic and returning to normalcy, the use of work collaboration tools by companies is expected to continue.
Some companies, especially in the IT industry, have announced plans to maintain digital work systems going forward. According to a survey by Toss Lab, which operates the collaboration tool 'JANDI,' 93% of employees who have experienced remote work expressed their intention to continue using collaboration tools in the post-COVID era. It is anticipated that a so-called 'hybrid work' model, combining in-person and virtual work environments, will become the new standard working style.
Along with these trends, new security threats and attacks targeting work collaboration tools are also rapidly increasing. In particular, numerous vulnerabilities allowing Remote Code Execution (RCE) on servers or PCs targeting collaboration tools have recently been discovered, requiring special caution from adopting companies and users.
Attackers exploit these vulnerabilities to command and control remote control servers (C&C servers) to carry out desired attacks, attempt to leak important files within company servers, launch ransomware attacks, or infiltrate internal networks. If a work collaboration tool is deployed on-premise within a company’s server but is accessible externally, attackers can use various scanning tools to identify IP addresses or port information that allow server access.
Furthermore, if the collaboration tools used by companies are not updated to the latest versions, attackers can take over internal servers by exploiting publicly disclosed zero-day vulnerabilities. Since there are tools that automatically execute attacks simultaneously with scanning, companies using externally exposed collaboration tools that are not kept up to date are vulnerable to such attacks.
Therefore, companies must continuously conduct security training for employees to ensure that work collaboration tools are always maintained at the latest version to prevent attacks exploiting zero-day vulnerabilities. It is especially important that each employee recognizes that they can become an attack vector causing critical damage to the company and strengthens their security awareness.
For IT administrators, it is advisable to restrict access to collaboration tools used in on-premise environments to internal networks only. If external network access is unavoidable, changing the default port to a custom port can help prevent scanners from targeting the server.
For companies preparing to transition to hybrid work, work collaboration tools have become a necessity rather than a choice. To successfully transition to a digital business environment, strengthening security around collaboration tools must be prioritized above all.
Choi Jeong-su, Head of Core Research Team, Raon White Hat
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
