S.T.E.G.A.N.O.G.R.A.P.H.Y. Steganography from the Greek words steganos, meaning "covered, concealed, or protected", and graphein meaning "writing". No, this isn’t a Scripps National Spelling Bee word (or maybe it has been at some time). It is something most cyber criminals understand and may use to smuggle malicious code into your organization.
What Is Steganography?
Search Security defines steganography as:
“the hiding of a secret message within an ordinary message and the extraction of it at its destination. Steganography takes cryptography a step farther by hiding an encrypted message so that no one suspects it exists. Ideally, anyone scanning your data will fail to know it contains encrypted data.”
And according to Lilly Hay Newman in a Wired “Hacker Lexicon” article:
“Even creepier, though, some malicious code can actually hide inside other, benign software—and be programmed to jump out when you aren't expecting it. Hackers are increasingly using this technique, known as steganography, to trick internet users and smuggle malicious payloads past security scanners and firewalls. Unlike cryptography, which works to obscure content so it can't be understood, steganography's goal is to hide the fact that content exists at all by embedding it in something else. And since steganography is a concept, not a specific method of clandestine data delivery, it can be used in all sorts of ingenious (and worrying) attacks.”
Why Should CISOs Care?
What you don’t know, can and will hurt you. It may sound like another blatant statement of the obvious, but all too often, Chief Information Security Officers can be blindsided by malicious code imbedded in what was believed to be trusted content from trusted sources. Check out our previous blog on “File-less Malware Demystified” for a deeper look at what hackers deploying steganographic techniques can do to your organization.
Prevent, Don't Remediate
SoleGATE™ has been architected from the beginning to find code hidden in content and with the right degree of flexibility to deliver end-to-end security across a changing threat landscape that could be initiated from different attack vectors such as: email, web, and cloud office applications. It is agnostic to the underlying infrastructure implemented and is able to protect in hybrid environments with a mix of virtual, hardware, and XaaS-consumed infrastructure. Whether on-premise or in the cloud, SoleGATE operates consistently, totally separating environment variables from security logic. Managed centrally, SoleGATE gives customers the flexibility and consistency to have a truly end-to-end security that is not restricted to a certain vertical.
Get Solebit’s whitepaper on a transformative, evasion-proof approach against modern cyber-attacks that doesn’t require sandboxing. It will outline how to strengthen your cyber defenses dramatically by preventing attacks before they enter and harm your organization, your customers and your brand. Remediation is costly, prevention is not.