Stopping Pictures from Hiding a Thousand Words—or Worse
2022-8-31 19:55:15 Author: www.forcepoint.com(查看原文) 阅读量:14 收藏

It is often said “a picture is worth a thousand words.” That’s usually good advice when presenting information, however with the rise of insider theft and people changing jobs during the “Great Resignation” it’s taking on a new, more nefarious meaning.

RBI Demo

Blocking Steganographic Data Exfiltration

Unfortunately, data theft is on the rise. Many organizations deploy defenses such as data loss prevention (DLP) technologies to prevent people from misusing sensitive data—copying to USB memory sticks, emailing to private accounts, uploading to unauthorized cloud storage, etc. Most of the major DLP vendors’ products do a good job of spotting text in a variety of formats (it’s something we’re especially known for). But, clever thieves are turning to new approaches, such as steganography, to embed sensitive data into images that typically pass through even stringent defenses. Is this just a picture of a sunset, or something worse? (Spoiler: it's just a sunset, I took it myself.)

Just a Sunset - Jim Fulton

Steganography is relatively easy to do because many image formats allow extra information to be inserted, even if it’s not part of the picture that ultimately gets displayed. As web security solutions evolve beyond simply blocking access to inappropriate or known-bad sites, they’re incorporating new defenses against image-borne attacks. For example, Forcepoint Remote Browser Isolation (RBI), which is used throughout our web security solutions, applies a Zero Trust approach using technology known as “content disarm and reconstruction” (CDR) that makes web sites and downloaded content safe to use even if they’re secretly harboring malicious code.

But, keeping malware out is just half the picture. We’re also using this same technology to keep sensitive data in. For example, if somebody tries to upload a steganographic image to a personal account in the cloud, our RBI with CDR technology can seamlessly take the image file apart and rebuild it with just the pieces that are directly part of the picture that is to be displayed. This leaves anything inappropriate behind without jeopardizing the quality of the image. It’s bleach for sanitizing files that’s also the best kind of security: protection that keeps you safe without getting in the way.

Here’s a nice video on YouTube from my colleagues Corey Kiesewetter, who writes frequently on RBI and ZTNA topics, and Anthony Bennis showing how steganography can be used to embed sensitive information and how you can stop people from using it to steal sensitive data. We’re incorporating this technology throughout our products, so stay tuned for more.

Jim Fulton

Jim Fulton serves as VP Product Marketing & Analyst Relations, focused on SASE, SSE and Zero Trust data security. He has been delivering enterprise access and security products for more than 20 years and holds a degree in Computer Science from MIT.

Read more articles by Jim Fulton

Forcepoint is the leading user and data protection cybersecurity company, entrusted to safeguard organizations while driving digital transformation and growth. Our solutions adapt in real-time to how people interact with data, providing secure access while enabling employees to create value.


文章来源: https://www.forcepoint.com/blog/insights/stop-pictures-hiding-malicious-content
如有侵权请联系:admin#unsafe.sh