Steganography is the covert hiding of data within seemingly innocuous files. It’s a way of encoding a secret message inside another message, called the carrier, with only the desired recipient able to read it. Now Stegware, the weaponization of steganography by cyber attackers, is on the rise, concealed in images on the Web and social media.
It is offered by default in malware-as-a-service kits on the Dark Web. It has been used in Malvertising campaigns to extort money from thousands of users and bring reputable news sites to their knees. It has been used in conjunction with social media Web sites to steal high value financial assets concealed in seemingly innocuous images.
“All of this is bad news for IT professionals using tools that identify unsafe data since steganography is impossible to detect,” commented Nathan Gilks, Solutions Director at Deep Secure. “We developed Content Threat Removal to address exactly this type of pernicious exploit technique.”
Content Threat Removal ensures that every image viewed by a user browsing the Web or communicating via social media is free of threats concealed using stegware. The Content Threat Removal transformation process destroys any hidden content rendering the image harmless while not degrading its quality.
“Content Threat Removal augments existing data loss prevention and governance initiative such as General Data Protection Regulation (GDPR) because it completely stops data loss via image steganography,” said Nathan Gilks. “It destroys stegware and stops it being used to infiltrate malware, exfiltrate high value data or operate Command and Control (CnC) channels.”
Content Threat Removal and protection from stegware will showcase at IP Expo on the Deep Secure stand.
Nathan Gilks is Solutions Director at Deep Secure. Catch him and the rest of the Deep Secure team at IP Expo Manchester 25-26 April 2018 on Stand 756.