Uber is perhaps the world’s most famous platform company and enterprise messaging apps, offering taxi, food, package and courier services in 72 countries and more than 10,500 cities worldwide. Being such a large company, you would think that they would handle issues like online security, but that doesn’t seem to be the case.
In September 2022, a man sent a message to an Uber employee’s Slack channel claiming he was a hacker and gained access to several of the company’s internal databases, including the AWS console, Slack, Google Workspace and its security systems. Uber employees were immediately told to stop using Slack, and Uber confirmed the violation a day later, stating that they were looking into the situation.
But then the media began to report that the hack was due to an 18-year-old teenager who gained access to Slack with a simple phishing attempt. Posing as an employee of the corporate IT department, they tricked another employee into handing over their username and password. The hacker then used this information to gain access to Slack and post several messages, including ridiculing the company and criticizing it for underpaying employees.
Although the hacker was barely of legal age, he most likely joined a hacker group called Lapsus$. This group is associated with several attacks on technology companies. Uber claims that it did not hack into user data and there were no other serious consequences from the hack. But the damage done to his reputation, both publicly and among employees, is not easy to repair. That is why it is very important to have social media and communication strategy in place.
Table of Contents
How can companies protect themselves when using these platforms?
The use of these corporate messaging applications can be essential for the management of a company, especially for workflow and communication between employees. For many, simply phasing them out is not a viable option. So companies need to find ways to use them and make sure their employees use them responsibly and don’t get caught by bad actors. In addition to phishing, as with Uber, another significant risk to users is account hijacking.
Account takeover is when a hacker gains access to an account and then changes the email address, phone number, or even password without the owner’s knowledge, thereby taking control of it. For a company, certain services hacked in this way are potentially catastrophic, with a wide range of internal and external consequences. By following the account hijacking and fraud prevention guide on season.io, companies can be safe in the knowledge that every effort has been made to keep the account secure. This may include following password security rules, being vigilant about links, and not sharing any information with third parties, no matter how convincing.
The same security measures that are used to protect against account hijacking fraud are also applied to protect against other forms of attack. For example, phishing or brute-force hacking results in millions of dollars lost each year as a result of such incidents. To training your employees in security risks, make sure their passwords change frequently, are hard to guess, and don’t follow random links or download apps from suspicious sources, you can protect your business. It will also prevent people like the notorious Uber hackers from getting into your company’s communication tools or other essential software.
Loosen the messaging program
Slack is a messaging program launched in 2013 to bring employees together within an organization on a single platform. This allows you to create different channels and groups for other purposes, as well as 1-2-1 messaging and group chats. Another recent feature is Huddles, which allows you to have audio meetings through the app. It also provides integration with other software. This includes calendars and client management systems such as Dropbox, GitHub, Zendesk, IBM Bluemix and Googe Calendar. Slack is also available as an app for iOS and Android and can be downloaded for Apple Watch.
Another popular workplace tool in the same vein is Workplace, a direct competitor to Slack. Meta Platforms, founded in 2016, developed Workplace. It integrates instant messaging, video calling, news sharing, and online group workflow management. The software uses machine learning to make intelligent recommendations and streamline processes for users. In addition, it is integrated with Google Drive, Zoom and Dropbox, among many others.
What are the disadvantages of these platforms?
As mentioned, these communication and workflow management platforms have many advantages, but they also come with some drawbacks.
For some companies, it may just be another piece of software to add to a long list, overburdening employees. For example, Email, Zoom, Google Drive, CMS software, and other software are required to work. Some companies may find it difficult to get workers to participate in yet another program, meaning that participation may be low.
Another risk includes a lack of moderation. You may find people talking too much, drifting off topic, arguing, or wasting time discussing non-work related issues. It may be worth putting in place a code of conduct and appointing one person in charge of maintaining order to ensure that the platform runs smoothly.
As we mentioned, there are also security issues. Suppose someone gains access to such a platform. In this case, they may receive sensitive information and potentially embarrassing messages. Or they may impersonate an employee to force other employees to hand over information, data, and logins.
What are the benefits?
But despite the drawbacks and the caution required, there are several advantages to enterprise messaging applications. For example, they are necessary to ensure fast and effective communication between employees without the use of e-mail. They can also make the organization easier by promoting a collaborative atmosphere.
These types of software also help employees who may be struggling with disorganization to keep going. Finally, they can help improve corporate culture by giving people the space to express themselves in a variety of ways. As opposed to a slightly less formal way than email or a face-to-face meeting. This means removing some barriers such as nerves. Overall, the benefits of this software are huge. Use them internally, but only if precautions are taken and employees are aware of the risks.