The Dangers of Shadow Apps.

Author: Bandos, Tim

Businesses everywhere should be increasingly concerned about the risks posed by unsanctioned shadow apps--any software applications that have not been cleared by a company's information security team, but that employees use anyway. Because these apps are not sanctioned, they usually are not monitored or secured in the same way that approved apps are, making them vulnerable to exploitation by criminals and insider threats. Some of the most common kinds of shadow apps and the dangers they pose to the wider organization include:

Browser extensions. Web browser extensions are historically difficult to secure but pose a significant threat to data security, making them a perennial favorite among cybercriminals. A compromised browser extension can be used to deliver malicious URLs, turning that browser into a potent cyber weapon. Every day, Google is forced to remove dozens of such browser extensions from its Chrome Web Store, and that is just one vendor.

Many recently discovered malicious extensions have been loaded with malware used for cryptocurrency mining and click fraud campaigns. Cryptocurrency mining in particular can have a devastating effect on an organization's network, with the strain generated causing major performance issues and running up big electricity bills.

Instant messaging. Instant-messaging programs can be found in nearly every workplace, and while the most popular ones tend to be on the list of authorized apps, it is the use of unknown, unsanctioned messaging apps that can introduce risk. For example, Pidgin is an open source client used by millions of people worldwide, but it can do much more than just enable communication between coworkers--in some environments, it can also be used as a tool for running arbitrary commands on infected endpoints and controlling backdoors.

Pirated apps. In recent years, a growing number of apps have been sold outside of official stores. Many of these have been designed to look legitimate, but are instead laced with malware, spyware, or worse. When installed, they can expose a network and the data held within to all kinds of cyberattacks.


Aside from the inherent risks that unsanctioned shadow apps present, they also create wider issues for IT teams. One of the biggest is the fact they are not patched like sanctioned apps are. The majority of large organizations operate strict patching regimes across all of their main applications, keeping them updated with the...
