Jeff Mann, a senior information security consultant with Online Business Systems, pointed out, “the larger discussion should be on the failings of the Nikkei IT/IS program to protect against some sort of attack that targeted its employees. Why are employees allowed to use Slack on personal devices?”
“So this is really an issue of risk management,” Mann said. “In the case of Nikkei, it appears the exploitation was elsewhere [on the system]. The initial access allowed the miscreants to use credentials to gain access to Slack. That’s not a compromise of Slack itself, that’s a compromise of employee account authentication.”
Stephen Boyce, security consultant and CEO of The Cyber Dr., said the Nikkei incident represents “what happens when someone uses a personal device to get into work systems. Once that device gets hit with malware, it’s game over for the credentials. The part that worries me is this could happen anywhere. People forget how much sensitive stuff ends up in Slack: messages, files, links, sometimes even credentials. Once someone has that, they can poke around pretty freely.”
