Organizations around the world are at risk of sharing highly sensitive information through visual hacking in business office environments. This risk was revealed in the 2016 Global Visual Hacking Experiment, an expansion of the 2015 Visual Hacking Experiment conducted in the United States by Ponemon Institute and sponsored by 3M Company.
The global study included trials in China, France, Germany, India, Japan, South Korea and the United Kingdom. The combined results found that sensitive information was successfully captured in 91 percent of visual hacking attempts globally.
The global experiments involved 157 trials with 46 participating companies across the eight countries. They exposed low-tech hacking methods as a significant risk to corporations around the world.
The findings revealed that organizations need to create awareness among employees on protecting data displayed on device screens, as 52 percent of the sensitive information captured during the experiments came from employee computer screens.
In the experiments, a white hat visual hacker assumed the role of temporary office worker and was assigned a valid security badge worn in visible sight.
The white hat hacker attempted to visually hack sensitive or confidential information using three methods: walking through the office scouting for information in full view on desks; observing computer monitor screens and other indiscrete locations like printers and copy machines; taking a stack of business documents labeled as confidential off a desk and placing it into a briefcase; and using a smartphone to take a picture of confidential information displayed on a computer screen.
All three of these tasks were completed in front of other office workers at each participating company. Combined average highlights from the 2015 U.S. Visual Hacking study and the 2016 Global Visual Hacking study revealed the following:
The information was deemed to be sensitive because of the potential security risk to the organization in the aftermath of a data-breach incident.
“The results of these experiments uncover the significant visual privacy risks that all organizations face globally, regardless of their size, business type or location,” said Dr. Larry Ponemon, founder of Ponemon Institute and chairman of the 3M-sponsored Visual Privacy Advisory Council.
“While visual hacking is often considered a low-tech threat, the repercussions can be just as detrimental as a high-tech cyberattack.”
Feature image credit: propertycasualty360.com