Sameer Ratolikar, Chief Information Security Officer (CISO) at HDFC Bank alerts customers to the new dangers posed by malicious steganography-- hiding messages or code within harmless content -- even pictures.
In today's digitally connected world, financial transactions are take place through various digital platforms, like personal desktop computers, laptops and devices. It is therefore imperative for users to be aware about malicious Steganography. For instance, if one is doing some financial transaction from his PC or laptop and the same is being used to download songs or movies from an unknown source, without necessary measures like installing updated and licensed anti-virus or anti-malware software, then one is exposed to such threats. So it is advisable not to down-load from an untrusted source or opening unknown file extensions. Also, installing licensed anti-virus or anti-malware software and timely updates of the same helps provide protection against incidents like malicious Steganography.
What is Steganography?
Steganography comes from the Greek words; ‘Steganos’, which means concealed or hidden and ‘Graphein’, meaning written form. The art and science of hiding information by embedding messages within other, seemingly harmless messages is called Steganography. Steganography works by hiding information which can be plain text, cipher text, or even images in regular computer files (such as graphics, sound, text, HTML). Steganography includes the concealment of information within computer files.
In digital steganography, electronic communications may include steganographic coding inside of a transport layer, such as a document file, image file, program or protocol. Media files are ideal for steganographic transmission because of their large size. For example, a sender might start with an innocuous image file and adjust the color of every 100th pixel to correspond to a letter in the alphabet, a change so subtle that someone not specifically looking for it is unlikely to notice it.
Steganography sometimes is used when encryption is not permitted. Or, more commonly, steganography is used to supplement encryption. An encrypted file may still hide information using steganography, so even if the encrypted file is deciphered, the hidden message is not seen. Special software is needed for steganography, and there are freeware versions available at any good download site.
How does malicious Steganography work? How does it affect a system?
In an effort to infect any machine with malware, attacker may hide the malicious code within a legitimate looking file with the objective of executing the malware and getting control over target machine. Digital Steganography applications can be used to steal sensitive information by sending the information to fraudster outside the organisation.
The advantage of steganography over cryptography alone is that the intended secret message does not attract attention to itself as an object of scrutiny. Plainly visible encrypted messages—no matter how unbreakable—arouse interest, and may in themselves be incriminating in countries where encryption is illegal. Thus, whereas cryptography is the practice of protecting the contents of a message alone, steganography is concerned with concealing the fact that a secret message is being sent, as well as concealing the contents of the message.
Worldwide, is there an increasing trend of malicious Steganography?
Cyber-criminals use Steganography techniques to encode commands into pictures or crafted webpages to smuggle malware through firewalls into the system under attack. These control commands then ordered a victim's computer to obtain executable code from remote servers, which in turn permit an outsider to gain access to local files within the compromised network.
How to prevalent is the trend of malicious Steganography?
Malicious Steganography is not limited to geographical boundaries. Main motive of using steganography is to hide the malicious code to break into the system. Given the rise of digital usage even in India, one has to be aware and careful of such trends.
How does one protect their systems from malicious digital files?
Protection against malicious digital file is similar to protecting any malware/trojan/virus. The best defense for a regular user is to periodically scan PCs for questionable software. Additionally, the following steps can be taken:
• Never open Emails or download attachments from unknown senders or source.
• Installing antivirus helps. It scans every file you download and protects you from malicious files
• Enable automatic OS updates or download OS patch updates regularly to keep your operating system protected against vulnerabilities and exploits from malicious codes
• Download and use latest version of your browser.