ÃÛÌÒTV

Security 101 08-21-2015

Dangers of Visual Hacking

ÃÛÌÒTV

A recent experiment by showed that hacking techniquesÌýgo beyond the typicalÌýdigital realm. Visual hacking is one method that is easier than brute-forcing passwords or exploiting vulnerabilities. Visual hacking is straightforward to understand; it relies on visually observing and remembering information found on computer screens, phone screens, on desks, sticky notes, paper, etc. This technique is so easy an used it to gain access to his school’s network. The 8th graderÌýchanged the image on his teacher’s desktop. His prank was pretty harmless, but was unnerving for the teacher.ÌýIf theÌýsame technique wereÌýin anÌýoffice setting, itÌýcould result in a data leak.

Visual Hacking Experiment

Ponemon Institute tested 8 companies to determine how well they stood against a visual hack.

  • 88% of visual hacking attempts were successful.
  • 20% of the data hacked was considered very valuable.
  • In 45% of the hacks, researchers were able to obtain information in 15 minutes or less.
  • In 70% of hacks office workers observed hacks but did not stop them, even after obviously suspicious activities.

Visual hacking researchers were given three visual hacking tasks to complete. In the first task researchers walked through an office gathering any sensitive information available on desks, computer screens, and other easy-to-access locations. In the second task, researchers conspicuously attempted to grab documents labeled as confidential and tried to put them in a briefcase. In the third task researchers used their phones to take pictures of computer screens in full view of office workers.

Mitigating Visual Hacks

Educate Employees

Educate employees on what visual hacking is. Employees should not keep login credentials, sensitive documents, or other sensitive information visible on desks, walls, or anywhere it is clearly visible. They can also help by knowing who’s who in the company (this may be more difficult in larger companies). Once they learn the faces of their co-workers, they’ll recognize anybody out of place and they can then take appropriate actions.

Smart Office Design

The Ponemon study shows that offices are prime locations for visual hacking. Current office layouts have moved away from individual cubiclesÌýto large open areas, where employees can more easily interact. This makes for a dynamic work environment, but it also makes things easier for someone wanting to harvest information while walking through the office.ÌýIt is in your best interest toÌýinstall card access locks on doors or office areas that not all employees need access to. It may also be a good idea to consider a surveillance camera system.

This Ponemon Institute study gained valuable insight about visual hacking, a topic that many experts don't think about in their day-to-day work. Educating employees about the risks and designing your office to ward off this type of intrusion is important for your organization's security.

UP NEXT
PKI

3 Surprising Uses of PKI in Big Companies and How to Ensure They Are all Secure

5 Min

Featured Stories

07-03-2024

What is a CA’s Role in delivering digital trust?

11-27-2024

6 actionable ways to secure the IIoT at every stage

Tracking the progress toward post-quantum cryptography

The state of PQC since the publication of FIPS 203, 204 and 205