When we think about hacking, we have this preconceived notion that someone far away is trying to access another person’s computer or server in the comfort of their own home. Simply by entering a few sophisticated hacking commands, the hacker is able to extract the required information from their victims – as seen in the movies. Although this type of hacking can be counteracted by using encryption tools such as Folder Lock, there’s another – more sinister type of hacking – called visual hacking which is always overlooked. A study conducted by the Ponemon institute found that nearly 88 percent of so called ‘white hat hackers’ attempting to visually hack information were – by and large – quite successful.
The study was conducted in eight U.S based firms, in which employees volunteered to steal information visually, such as a password or other sensitive access codes. Employees were instructed to steal information using three different techniques; the first technique involved roaming around the office, looking for confidential information available in plain view. The second technique involved simply picking up and walking away with sensitive documents which were easily accessible. The third method involved taking images of perceptive information with a smartphone camera.
What’s surprising is that these activities were all conducted in plain view, and only 30 percent of time the culprit was stopped or caught by other employees. Keeping these facts in mind, it’s shockingly disturbing how easy it can be to steal information from a company. In addition to this, the following detailed stats related to the study were also recorded:
Speed: Nearly 45 percent of visual hacks took place in less than 14 minutes, while the remaining 63 percent took less than 30 minutes.
Amount of information stolen: Visual hackers, on average, were able to steal 5 pieces of sensitive information. Out of those 5 documents, 63% were related to HR data. 42% was related to customer lists and information, and lastly 37% were related to sensitive passwords and access codes.
Venerable mediums: Nearly 53% of receptive information was stolen through visually observing computer monitors. While 29% was stolen from vacant desks, trash bins and copy machines.
In all, the study revealed how simple it is to steal information in an office setting. The study highlighted a whole new side to ‘insider threats’. It was also found that offices which have an open plan floor design were much more susceptible, as suppose to other office plan types. Thus, contractors or visitors with the intention to steal could easily get away classified documents without much effort.
Moving on, looking at different departments within a company, it was found that the customer services department was most at risk, while finance/accounts department were the most challenging departments from where information could be stolen.
The good news is that visual hacking can easily be prevented through employee training. HR departments need to setup a good training system for existing and new employees in which they can train them on how to prevent visual theft. With appropriate training and visual deterrents (such security cameras) companies can keep their intellectual assets safe.