I read steganography is expected to grow increasingly popular with hackers in the near future. How does a hacker...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
use steganography, and how can enterprises best defend against steganography-based attacks?
Steganography is the hiding of a secret message within an ordinary message. Using steganography techniques, like using encryption, helps attackers to minimize the chance of their attack being detected. And like encryption, using steganography techniques effectively requires proper implementation. But as attackers improve their usage of encryption, moving beyond simple ransomware schemes and using it to hide and exfiltrate corporate data, they will need to take additional steps to hide their communications, which could lead to an increase in using steganography techniques. This helps thwart heuristic or behavioral analysis that looks for anomalies in network connections. For example, attackers could use a social network of their choosing for their command-and-control infrastructure in order to hide their communications with the legitimate network traffic to the website. In a targeted attack, an attacker could try to identify the most common social network in use at the enterprise and use that to set up the command-and-control communications for their malware.
Enterprises can defend against attacks that use steganography techniques in much the same way they can defend against attacks using encryption -- by using tools that look for anomalies in protocol or extra data in a communication channel. For example, if a JPEG file looks like a low-quality image when opening it in a picture viewer, but the file is larger than expected, there is a good chance there is something else being stored in the JPEG, requiring further analysis.
Discover ways to detect and mitigate advanced evasion techniques
Dig Deeper on Emerging Information Security Threats
Nick Lewis asks:
How does your organization scan for potential steganography-based threats?
1 ResponseJoin the Discussion
Related Q&A from Nick Lewis
An HTTPS session with a reused nonce is vulnerable to the Forbidden attack. Expert Nick Lewis explains how the attack works, and how to properly ...continue reading
The Irongate malware has been discovered to have similar functionality to Stuxnet. Expert Nick Lewis explains how enterprises can protect their ICS ...continue reading
APT groups have been continuously exploiting a flaw in Microsoft Office, despite it having been patched. Expert Nick Lewis explains how these attacks...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.