Août 31, 2022

Stopping Pictures from Hiding a Thousand Words—or Worse

Jim Fulton

It is often said “a picture is worth a thousand words.” That’s usually good advice when presenting information, however with the rise of insider theft and people changing jobs during the “Great Resignation” it’s taking on a new, more nefarious meaning.

Unfortunately, data theft is on the rise. Many organizations deploy defenses such as data loss prevention (DLP) technologies to prevent people from misusing sensitive data—copying to USB memory sticks, emailing to private accounts, uploading to unauthorized cloud storage, etc. Most of the major DLP vendors’ products do a good job of spotting text in a variety of formats (it’s something we’re especially known for). But, clever thieves are turning to new approaches, such as steganography, to embed sensitive data into images that typically pass through even stringent defenses. Is this just a picture of a sunset, or something worse? (Spoiler: it's just a sunset, I took it myself.)

Just a Sunset - Jim Fulton

 

Steganography is relatively easy to do because many image formats allow extra information to be inserted, even if it’s not part of the picture that ultimately gets displayed. As web security solutions evolve beyond simply blocking access to inappropriate or known-bad sites, they’re incorporating new defenses against image-borne attacks. For example, Forcepoint Remote Browser Isolation (RBI), which is used throughout our web security solutions, applies a Zero Trust approach using technology known as “content disarm and reconstruction” (CDR) that makes web sites and downloaded content safe to use even if they’re secretly harboring malicious code.

But, keeping malware out is just half the picture. We’re also using this same technology to keep sensitive data in. For example, if somebody tries to upload a steganographic image to a personal account in the cloud, our RBI with CDR technology can seamlessly take the image file apart and rebuild it with just the pieces that are directly part of the picture that is to be displayed. This leaves anything inappropriate behind without jeopardizing the quality of the image. It’s bleach for sanitizing files that’s also the best kind of security: protection that keeps you safe without getting in the way.

Here’s a nice video on YouTube from my colleagues Corey Kiesewetter, who writes frequently on RBI and ZTNA topics, and Anthony Bennis showing how steganography can be used to embed sensitive information and how you can stop people from using it to steal sensitive data. We’re incorporating this technology throughout our products, so stay tuned for more.

 

Jim Fulton

Jim Fulton serves as VP Product Marketing & Analyst Relations, focused on SASE, SSE and Zero Trust data security. He has been delivering enterprise access and security products for more than 20 years and holds a degree in Computer Science from MIT.

Read more articles by Jim Fulton

À propos de Forcepoint

Forcepoint est une entreprise leader en cybersécurité pour la protection des utilisateurs et des données. Son objectif est de protéger les entreprises tout en stimulant la transformation et la croissance numériques. Nos solutions s’adaptent en temps réel à la façon dont les personnes interagissent avec les données, et offrent un accès sécurisé tout en permettant aux employés de créer de la valeur.