As more and more organisations are stepping up their security, cyber criminals are being forced to improve their methods of committing cyber crimes.
Security experts at Skyhigh Networks have discovered an instance of cyber criminals using video sharing services to tunnel sensitive data out of organisations.
No, they’re not videoing each document and uploading it to YouTube. In fact, their method is sophisticated yet surprisingly easy.
Video sharing services are the perfect mask for these sneaky attackers as it’s common for large files to be uploaded and downloaded, removing any suspicions as to why someone just upload a 2GB file to a website.
Skyhigh Networks CTO Kaushik Narayan said, “They encrypt this data and wrap each compressed file with a video file. In doing so, they make the original data unreadable and further obscure it by hiding it inside a file format that typically has large file sizes. “This technique is sophisticated; the video files containing stolen data will play normally.”
Once the first part of this method is complete, it is then reversed and the attacker downloads, unpacks and reassembles the pieces of data.
Are hackers running out of options?
No, not at all. From an attacker’s point of view, the beauty of information technology is that there will always be a way in. There are defence options available on the market, but none that will completely cover the attack surface.
I asked IT Governance’s founder, Alan Calder, if he believes cyber criminals are getting smarter.
“Definitely. The sophistication of this data exfiltration technique demonstrates the hackers’ ability to take advantage of weaknesses wherever they find them. The variety of complex techniques means that there is no single security solution – you’ve got to be consistently vigilant.”
This isn’t the first time that a cyber criminal has been caught using an unconventional technique. A criminal was once found exfiltrating data via Twitter 140 characters at a time – amounting to over 100,000 tweets per day.