Friend without correspondence: business has started to limit employee communication in messengers

Large Russian companies have begun to restrict employee communication in messengers, Izvestia found out. Customer contacts and discussion of all work issues are being transferred to secure corporate platforms — recently, similar decisions have already been made by X5 Group, the Hatimaki food delivery service, and banks, sources in the market told the publication. Companies are reviewing their security policies amid rising cyber threats. Their danger should not be underestimated: every fifth Russian company has already faced hacker attacks in one form or another, experts say. The risks of communicating in foreign messengers were also confirmed by Roskomnadzor, which on August 13 partially blocked access to the voice services Telegram and WhatsApp (owned by Meta, which is recognized as extremist and banned in the Russian Federation).

What new measures are businesses introducing to protect themselves from cyber threats?

Russian companies are reviewing their approaches to ensuring information security amid an increase in the number of cyber attacks and attempts to gain unauthorized access to confidential data. As Izvestia has learned, large companies from the financial and commercial sectors have begun to restrict the use of messengers for work purposes, transfer internal communications to secure corporate platforms, and strengthen control over file transfers.

Photo: IZVESTIA/Pavel Volkov

According to Izvestia's sources, the appropriate measures are already being implemented by X5 Group, the Hatimaki food delivery company. An interlocutor of the publication in a top-10 bank said that the heads of structural divisions that interact with customers strictly control the ban on communication in foreign messengers: regarding banks, such a direct ban was introduced by law as early as June 1, 2025, but there were cases when some managers continued such communication.

Squabbling call: why Russia has restricted calls in messengers

Reducing the functionality of Telegram and WhatsApp* will protect users from fraudsters, Roskomnadzor believes

The editorial board sent requests to the mentioned companies with a request to comment on the changes.

— X5 does not prohibit employees from using messengers for personal purposes. At the same time, there is a clear separation between personal communication between employees in messengers and their use for work correspondence," the company explained. — Solutions located inside the company's information infrastructure are used for official communication. For personal communication, we provide employees with recommendations aimed at raising awareness of cybersecurity risks.

Alexander Kirsanov, head of the MTS Link Legal Department, confirmed that in 2025 the business has seriously revised its approaches to information protection. According to him, in addition to the introduction of next-generation antivirus solutions, data encryption, access control, auditing and logging systems, special attention is now being paid to protection against leaks via USB devices and messengers.

Photo: IZVESTIA/Dmitry Korotaev

— However, the most significant change was the gradual abandonment of single-factor biometrics as the main or only authentication method. Companies are implementing multi—level systems, including so-called live biometrics, which makes it possible to distinguish a real person from an image, mask or deepfake when accessing internal systems," he noted.

According to him, the companies' security services are getting new functions and an expanded range of responsibilities. The positions of specialists in detecting deepfakes, as well as monitoring employee activity on social networks, are being introduced. Since 2025, updated requirements for the qualifications of information security specialists have entered into force. Now they must undergo specialized training. The share of Russian companies that have already updated or are in the process of updating corporate security policies in connection with AI threats is about 20%, Alexander Kirsanov added.

Andrey Usenok, Head of Information Security at Avito, said that there is indeed an increase in companies' attention to data protection, from personal to commercial. One of the key tools is the leak prevention system, which helps to control the transmission of information and prevent risks when working with external media, messengers, mail channels and cloud services.

Photo: IZVESTIA/Sergey Konkov

— We are building multi-level protection: we use systems for monitoring and detecting attacks, encryption, auditing actions, restrictions on data transmission channels, — said Andrey Usenok.

Overall, according to MWS AI, more than 20% of Russian companies have already experienced real hacker attacks. At the same time, in the future, attackers will act more actively, and the number of spoofing attacks (a situation in which one program successfully disguises itself as another by falsifying data) and deepfake attacks will multiply, experts believe.

Many large companies still have a low level of protection regarding the use of messengers, MWS AI emphasized. But investments in attack detection and prevention technologies, as well as increased response speed, will become crucial factors for survival in the face of a growing cyber threat.

The risks of communicating in foreign messengers were also confirmed by Roskomnadzor, which partially blocked access to calls via Telegram and WhatsApp on August 13. The ministry noted that they have now become "the main voice services used to deceive and extort money, involve Russian citizens in sabotage and terrorist activities."

And the Ministry of Finance reported that access to Telegram and WhatsApp call services will be restored if they meet the requirements for compliance with Russian legislation.

How Security is becoming a Business priority

Previously, many cyber defense measures were more formal in nature, but today security has become one of the key elements of the strategy. Financial organizations, IT companies and government agencies are moving from point-to-point solutions to integrated protection systems, Anton Nemkin, a member of the State Duma Committee on Information Policy, Information Technologies and Communications, federal coordinator of the Digital Russia party project, told Izvestia.

Photo: IZVESTIA/Dmitry Korotaev

— Control of information transmission channels via USB storage media and instant messengers is important because a significant part of leaks is still related to the human factor and unauthorized copying of data, - said the deputy.

According to Eleonora Kavshar, deputy head of the LDPR central office for information policy, the decision to change the business security policy looks timely. After the hacker attack on Aeroflot, all companies in Russia should update their cybersecurity protocols and especially take into account the human factor, she said.

Bot penalty: developers' resources have been subjected to active cyber attacks

Information about developers is downloaded by owners of profile chats in Telegram in order to sell it by subscription.

As previously reported, over 100 Aeroflot flights were delayed or cancelled on July 28. The reason was a malfunction in the company's information system as a result of a hacker attack, the Prosecutor General's Office said. Air carriers had not previously encountered a cyber attack of this magnitude, and a full restoration of systems could take about a year, experts noted.

According to Eleonora Kavshar, working with staff, constant training, as well as strict control can seriously protect the Russian information space from intruders.

Photo: IZVESTIA/Eduard Kornienko

Today, special attention is also being paid to biometric authentication — it is no longer an option, but a standard, Anton Nemkin added. Without this, an attacker can use a photo, video, or deepfake to bypass the system. The development of content generation technologies makes such threats more and more real, and businesses should take into account that attacks using artificial intelligence will only grow.

Find out by voice: a database of biometric data of scammers will appear in Russia

The measure is aimed at protecting citizens from telephone criminals.

The Yandex press service told Izvestia that they adhere to the principles of the Zero Trust model in building a security system. This means that every request for access to corporate resources is verified and authenticated, regardless of whether it comes from inside or outside.

"We constantly monitor and minimize risks using multifactor authentication, strict access control and monitoring of abnormal activity," the company noted.

However, a third of the companies have not changed their security principles yet, Anton Nemkin noted.

Photo: IZVESTIA/Sergey Konkov

"In conditions when Russia is one of the most attacked countries in the world, such inertia can be costly," the deputy believes.

Cyber threats are developing faster than corporate regulations, and those who save money on adapting protection systems today risk facing critical consequences tomorrow, from financial losses to a complete business shutdown, the deputy concluded.