Instant Messaging Could Take Down Your Network

Posted on November 3, 2021


Individuals who value both convenience and privacy – which means almost all users – depend on instant messaging (IM) apps to communicate across all aspects of their personal lives. Every time we open a new chat, WhatsApp, for instance, reassures us that, “Messages and calls are end-to-end encrypted. No one outside of this chat, not even WhatsApp, can read or listen to them.”

Instant Messaging is How We Talk Today

Instant messengers have rapidly become the favorite tool in our communication toolbox for business as well. While formal interactions still require email, simple and efficient chat apps have been gaining ground for quick consultations and interactions. Slack and Microsoft Teams (and their many competitors) are widely used within organizations. But when it comes to communicating with third-party providers, customers and other contacts for business purposes, as well as with family and friends in the course of the workday, IM apps such as WhatsApp are often the solutions of choice.

The numbers tell the story: WhatsApp, Facebook Messenger, Telegram, and Snapchat together have over 4 billion active users, with 2 billion on WhatsApp alone. 50 million of those WhatsApp users are business accounts. Weixin/WeChat and QQ have nearly 2 billion more users, mostly in China.

What’s Lurking in Your Chat?

All this explains why the web client of their favorite IM is one of the very first tabs many – perhaps most – people open at the start of the workday, and the one that’s most frequently used throughout the day.

IM web clients, however, can pose a real danger to network security. A single click on a ransomware-infected file sent via a chat – either maliciously or unintentionally – can bring an entire organization to its knees.

The same end-to-end encryption that protects user privacy renders secure web gateways and next-generation firewalls, which organizations depend on to scan websites for malicious content, powerless to “see” if a file or link sent via IM to a user’s IM web client contains ransomware or other malware. As a result, if a chat contains a link to ransomware or an infected file, it will not be blocked. When the user opens the file or clicks on the link, malware can instantly move from the endpoint browser to – and throughout – the organization’s network.

It’s not hard to imagine scenarios in which cybercriminals share weaponized images in an IM group, submit an infected CV in response to an advertised opening, or send a sales inquiry that includes a malicious link. One click by a user, and the damage is done.

Many organizations simply block IM web clients, preventing their use. But in countries where chat apps are used widely for business as well as personal use, blocking IM web clients annoys users – to the point of revolt, in some countries! – and results in a productivity hit for the organization.

Protecting Against IM-Delivered Threats

ZTEdge Instant Messenger Isolation uses remote browser isolation (RBI) to protect against threats delivered via chats. All content from the web client is opened in a virtual browser located in an isolated container in the cloud. Only safe rendering data is sent to the browser-based client on the user’s device, where users chat as they are accustomed to doing. Any malware or ransomware remains in the isolated container, remote from endpoints and networks, and is destroyed when the user stops chatting. Files sent via the IM client are opened in isolation and sanitized of any malicious content before being sent on to the endpoint.

ZTEdge Instant Messenger Isolation is included in ZTEdge™, Ericom Software’s comprehensive Zero Trust SASE platform for midsize enterprises and small businesses.
Instant Messaging is an invaluable tool. Taking the right protective measures can empower your users to use it productively, while preventing delivery of cyber threats.



About Mendy Newman

Mendy is the Group CTO of Ericom's International Business operations. Based in Israel, Mendy works with Ericom's customers in the region to ensure they are successful in deploying and using its Zero Trust security solutions, including the ZTEdge cloud security platform.
