Ditch Your VPN for ZTNA & We'll Buy Out Your VPN Support Contract – Click Here! Subscribe to Dr. Zero Trust's Weekly Newsletter - Click Here! New! Zero Trust Market Dynamics Survey - Click Here!

Instant Messaging Could Take Down Your Network

Author Avatar

by

Posted on November 3, 2021

Want to interview Mendy?

Contact

Individuals who value both convenience and privacy – which means almost all users – depend on instant messaging (IM) apps to communicate across all aspects of their personal lives. Every time we open a new chat, WhatsApp, for instance, reassures us that, “Messages and calls are end-to-end encrypted. No one outside of this chat, not even WhatsApp, can read or listen to them.”

Instant Messaging is How We Talk Today

Instant messengers have rapidly become the favorite tool in our communication toolbox for business as well. While formal interactions still require email, simple and efficient chat apps have been gaining for quick consultations and interactions. Slack and Microsoft Teams (and their many competitors) are widely used within organizations. But when it comes to communicating with third party providers, customers and other contacts for business purposes, as well as with family and friends in the course of the workday, IM apps such as WhatsApp are often the solutions of choice.

The numbers tell the story: WhatsApp, Facebook Messenger, Telegram, and Snapchat together have over 4 billion active users, with 2 billion on WhatsApp alone. 50 million of those WhatsApp users are business accounts. Weixin/WeChat and QQ have nearly 2 billion more users, mostly in China.

What’s Lurking in Your Chat?

All this explains why the web client of their favorite IM is one of the very first tabs many – perhaps most – people open at the start the workday and one that’s most frequently used throughout the day.

IM web clients, however, can pose a real danger to network security. A single click on a ransomware-infected file sent via a chat – either maliciously or unintentionally – can bring an entire organization to its knees.

The same end-to-end encryption that protects user privacy renders secure web gateways and next-generation firewalls, which organizations depend on to scan websites for malicious content, powerless to “see” if a file or link sent via IM to a users’ IM web client contains ransomware or other malware. As a result, if a chat contains a link to ransomware or an infected file, it will not be blocked. When the user opens the file or clicks on the link, malware can instantly move from the endpoint browser to – and throughout — the organization’s network.

It’s not hard to imagine scenarios in which cybercriminals share weaponized images in an IM group, submit an infected CV in response to an advertised opening, or send a sales inquiry that includes a malicious link. One click by a user, and the damage is done.

Many organizations simply block IM web clients, preventing their use. But in countries where chat apps are used widely for business as well as personal use, blocking IM web clients annoys users – to the point of revolt, in some countries! – and results in a productivity hit for the organization.

Protecting Against IM-Delivered Threats

ZTEdge Instant Messenger Isolation uses remote browser isolation (RBI) to protect against threats delivered via chats. All content from the web client is opened in a virtual browser located in an isolated container in the cloud. Only safe rendering data is sent to the browser-based client on the user’s device, where users chat as they are accustomed to do. Any malware or ransomware remains in the isolated container, remote from endpoints and networks, and is destroyed when the user stops chatting. Files sent via the IM client are opened in isolation and sanitized of any malicious content within before being sent on the endpoint.

ZTEdge Instant Messenger Isolation is included in ZTEdge™, Ericom Software’s comprehensive Zero Trust SASE platform for midsize enterprises and small businesses.
Instant Messaging is an invaluable tool. Taking the right protective measures can empower your users to use it productively, while preventing delivery of cyber threats.


Share this on:

Author Avatar

About Mendy Newman

Mendy is the Group CTO of Ericom's International Business operations. Based in Israel, Mendy works with Ericom's customers in the region to ensure they are successful in deploying and using its Zero Trust security solutions, including the ZTEdge cloud security platform.

Recent Posts

HTML Smuggling Evades Traditional Cybersecurity Solutions

HTML smuggling attacks are on the rise and unfortunately are able to evade traditional cyber defenses. Learn what these attacks are, and what you can do about them.

Addressing the Cybersecurity Challenges Faced by Today’s Midsize Enterprises and Small Businesses

In our most recent ebook, we’ve looked at the challenges faced by midsize enterprises and small organizations and came up with some ideas that can help.

Keeping the Zero Trust Picture for Businesses in Focus

The Gartner “Quick Answer” on explaining Zero Trust to technical executive leaders presents important points on examining Zero Trust concepts through a business lens.