itb-au logo
Story image

Data loss prevention: Why digital images should not be overlooked

08 Oct 2019

Article by Clearswift CTO Guy Bunker

Digital images are increasingly being used as mechanisms for cyber-attacks. What can organisations do to minimise risks and mitigate against this advanced threat?

The world of cybersecurity never stands still.

Cyber criminals are becoming increasingly creative, releasing new sophisticated cyber-attacks through innocuous-looking documents, email messages, social media, and even texts.

Their latest threat innovation involves everyday digital image files such as PDFs, JPGs, PNGs, GIFs, (and other image file types), used as the delivery source of targeted Advanced Persistent Threats on the way into organisations and as tools for concealing critical information on the way out.

Image files are one of the biggest unaddressed data loss issues for organisations today.

A step-change required for DLP

Traditional Data Loss Prevention (DLP) solutions provide basic protection against the threat of someone trying to send a file to an unauthorised individual.

However, to combat advanced threats, data loss prevention requires a step change. Clearswift solutions provide an advanced level of Deep Content Inspection so that email messages, attachments and web uploads/downloads can be scanned to detect sophisticated threats such as ransomware embedded in documents and images.

Once detected, Adaptive Redaction Technology – developed to modify the content of files in real-time – can be used to remove only the malicious or sensitive data, allowing the remaining digital communication to continue its way.

This enables a continuous flow of communication without the risk of critical information being shared with unauthorised individuals, or malicious content being received into the network.

Mitigate against new image-based threats

Clearswift has developed a range of new innovative features within its SECURE Email and Web Gateways to help combat next-generation data loss risks through images.

Optical Character Recognition (OCR) is a digital technique for analysing images and extracting the text, so that it can be processed like a normal electronic document using DLP functionality.

This includes scanned documents to PDF (from a multi-function printer, for example), or screenshots saved as an image such as a JPG.

OCR enables the images to be analysed just like any other document or file during the transfer process – whether via email or when being uploaded/downloaded to/from websites and Cloud apps.

A further enhancement to OCR analysis allows redaction of text in images, removing only the information which breaks policy by drawing a ‘black box’ across the words.

A technique called steganography can also be used by cybercriminals to ‘hide’ information in digital images.

This is where tools are used to subtly change the image by encoding and embedding sensitive data such that, to the naked eye, there is no visible difference and then the image is used to exfiltrate data.

A standard-sized image can easily hide several thousand customer contacts or account numbers.

In this case, OCR will not help remove the risk as it isn’t a picture of the text.

However, Clearswift’s anti-steganography functionality will disrupt the image so that no hidden data can be extracted – but the image, to the naked eye of the recipient, remains the same.

Leave no stone unturned

When it comes to threat detection, images should not be overlooked.

New technology within advanced DLP solutions, such as Clearswift’s OCR and anti-steganography functionality, can mitigate against the risks of images being used as weapons to launch cyber-attacks or to exfiltrate data.

Using these technologies organisations can protect themselves against data breaches and keep their critical information secure.

For more information, visit here.

Story image
From 1G to 5G: How innovations in cellular have shaped our lives
As we look to the present decade from 2020 onwards, 5G will be at the forefront. The race for 5G is not about merely deploying new infrastructure, but getting the first-mover advantage in who can build and take the leadership role in the host of new applications and services that 5G will enable.More
Story image
Jamf extends Microsoft collaboration with iOS Device Compliance
Organisations will soon be able to use Jamf for Apple ecosystem management while using Azure Active Directory and Microsoft Endpoint manager to maintain conditional access.More
Link image
End-to-end content services platforms essential to every good DX strategy
Cloud content services and SaaS applications continue to be top-of-mind for business and IT leaders looking to strategically evolve and expand their technology investments.More
Link image
You’re invited to the future of work: A pandemic spotlight
The time for hyperautomation is now. With experimentation and exploration, you can take an automation mindset & create a future-ready workforce today. Learn how on 29 September from 11.30am AEST. Register now.More
Link image
Webcast series: The necessary tools to secure a remote workforce
Experts from across the A/NZ region discuss the best security practices in a remote working world - with sessions available on the first Thursday of every month.More
Link image
Gartner: Edge and IoT deployments are stretching infrastructures
In the future, the role of infrastructure and operations will be to manage the global infrastructure and its associated services, moving away from only hardware and software.More