Oct 3, 2022
Many businesses have attempted to ignore the risk associated with collaboration apps due to their convenience. But because attackers are becoming more intent on exploiting them, their flaws can no longer be overlooked.
On September 18, a hacker leaked over 90 videos and pictures from the highly anticipated Grand Theft Auto VI. The hacker claimed they wanted to strike a deal with EA to prevent disclosing more information, including the GTA V and VI testing build, source code, and assets.
The attacker obtained this information by breaking into Rockstar's internal Slack channel and exfiltrating data from it. This incident is a stark warning that disclosing protected information on consumer-grade messaging services like Slack can greatly increase the risk of IP theft.
The most recent hack demonstrates how useful collaboration apps are to hackers looking to steal intellectual property. However, many businesses rely on these programs to facilitate communication.
Slack claims that Slack Connect is used by over 100,000 organizations, including 77% of Fortune 100 companies. The issue is that when these services are compromised, unauthorized users have access to a treasure trove of priceless data.
Collaboration apps and IP theft
Using collaboration apps to illegally access IP data and other sensitive information is becoming more common. One week before the GTA VI data breach, hackers gained access to Uber's internal Slack channel.
In a statement about the incident, Uber claimed that the hacker got access by buying the login information for a contractor's user account and sending the person a series of multifactor authentication requests, which they eventually accepted.
After gaining initial access, the attacker used the account's privileged permissions to access downstream applications like Slack, where they downloaded internal communications and other data.
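One way to detect the pattern described in the Uber incident (a burst of multifactor authentication requests that ends in an approval), as an added example that is not from the original article. The event format, the result labels, the user names, and the thresholds are assumptions, and the sample events are constructed:

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events: (timestamp, user, MFA push result). Not real logs.
SAMPLE_EVENTS = [
    ("2022-09-15T09:00:00", "alice", "timeout"),
    ("2022-09-15T09:00:40", "alice", "approved"),       # one retry: normal
    ("2022-09-15T10:00:00", "bob", "denied"),
    ("2022-09-15T10:20:00", "bob", "denied"),
    ("2022-09-15T10:40:00", "bob", "denied"),
    ("2022-09-15T11:00:00", "bob", "denied"),
    ("2022-09-15T11:05:00", "bob", "approved"),          # spread out: below threshold
    ("2022-09-15T22:01:10", "contractor7", "denied"),
    ("2022-09-15T22:02:05", "contractor7", "timeout"),
    ("2022-09-15T22:03:30", "contractor7", "denied"),
    ("2022-09-15T22:04:50", "contractor7", "denied"),
    ("2022-09-15T22:06:15", "contractor7", "denied"),
    ("2022-09-15T22:07:00", "contractor7", "approved"),  # burst, then approval
]

def detect_push_fatigue(events, window=timedelta(minutes=10), min_rejected=4):
    """Flag approvals preceded by >= min_rejected denied/timed-out pushes
    for the same user inside the sliding time window."""
    recent = defaultdict(deque)  # user -> timestamps of recent rejected pushes
    alerts = []
    for ts_str, user, result in sorted(events):  # ISO timestamps sort correctly
        ts = datetime.fromisoformat(ts_str)
        rejected = recent[user]
        # Drop rejections that have aged out of the window.
        while rejected and ts - rejected[0] > window:
            rejected.popleft()
        if result in ("denied", "timeout"):
            rejected.append(ts)
        elif result == "approved":
            if len(rejected) >= min_rejected:
                alerts.append({"user": user, "approved_at": ts_str,
                               "rejected_before": len(rejected)})
            rejected.clear()  # an approval ends the current sequence
    return alerts

if __name__ == "__main__":
    for alert in detect_push_fatigue(SAMPLE_EVENTS):
        print(alert)
```

An alert of this kind is a reason to revoke the resulting session and reset the account's credentials before the approved login is used to reach downstream applications.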
When hackers gained access to EA Games' internal Slack channel in June of last year, they stole 780GB of data, including the source code of FIFA 21, and leaked it after a botched attempt at extortion.
In this breach, the attackers bought stolen cookies from online retailers to access an employee's Slack account before contacting IT support. Then, after claiming to have misplaced their phone, they asked for a multifactor authentication token to access the company's larger corporate network.
Regulations on collaboration apps
The risks of collaboration apps are becoming increasingly well known, especially to regulators in heavily regulated industries like financial services, who penalize using messaging apps like Slack, WhatsApp, and email to discuss sensitive information.
Banking behemoths like JPMorgan Chase & Co, Morgan Stanley, Bank of America, Goldman Sachs, Barclays PLC, Credit Suisse Group AG, Deutsche Bank AG, and UBS Group AG all face fines totaling more than $1 billion for using unauthorized messaging apps like WhatsApp and email.
In July, Morgan Stanley was hit with a $200 million fine for allowing employees to use personal email addresses and WhatsApp for work-related communications. Similarly, JPMorgan was fined $200 million last December for allowing employees to conduct business via emails and WhatsApp. It is implied that communication apps are insufficient for protecting regulated data and intellectual property.
Remote communication brings new risks to mitigate
Even though collaboration apps' security risks are becoming more widely known, many businesses find it impractical to completely ban their use, especially given how many rely on them to allow workers to collaborate remotely from home.
At the very least, organizations should limit the information that can be shared through communication apps and forbid exchanging any IP data.
This means that even if a hacker manages to get past the multifactor authentication and password controls, they won't be able to start stealing trade secrets and regulated information.
The truth is that communication apps lack the built-in security required to safeguard highly valuable information from sophisticated threat actors in a way that complies with rapidly changing data protection laws.
End-to-end encryption and user awareness
Secure communication platforms that use end-to-end encryption offer a partial solution to these issues for businesses that want to keep using collaboration apps to manage this data.
It's critical not to undervalue the role of user awareness in lowering the risk that collaboration apps pose. Hackers frequently used social engineering to trick users into providing multifactor authentication codes in these breaches.
Employees are better equipped to recognize manipulation tactics and avoid providing information that could compromise crucial systems after receiving training on these social engineering attacks.