CIOReview
CIOREVIEW >> Security >>

This Is How Your Computer Gets Hacked!

Mustapha A. Obeid, Information Systems Operations Manager, Illinois Institute of Technology
Mustapha A. Obeid, Information Systems Operations Manager, Illinois Institute of Technology

Mustapha A. Obeid, Information Systems Operations Manager, Illinois Institute of Technology

Few days ago I received the following email with a picture that was added as an attachment:

No problem, right? Had I clicked on the attachment my laptop would have been immediately hacked by a virus or may be a Ransom Ware similar the infamous WannaCry that has circulated recently.

The technique is called steganography, and I will show you exactly how it works in the hope that you will be able to protect yourself against future attempts. This post includes certain technical details but I will let go of the heavy-duty tech jargon hoping that non-technical readers will be able to follow.

“Steganography is the art of hiding something in plain sight”

First, a primer.

1.   Download a picture, any picture, off the Internet.

Example:

https://upload.wikimedia.org/wikipedia/commons/8/82/Chicago_sunrise_1.jpg

2.   Use MS Word (or any word processing software of your choice) to create a file called  “Test.docx.” Open the file and type in the following: “Test 123.” Save the file.

3.   If you have Microsoft Windows as your operating system use the COPY command to merge the two files: the initial picture that you downloaded in step 1 and the “Test.docx” file that you created in step 2.

Example: C:> COPY /B Chicago_s unrise_1.jpg + Test.docx

Chicago_sunrise_2.jpg

The above command line merges the two objects “Chicago_sunrise_1.jpg” and “Test.docx” and creates a new picture object called “Chicago_sunrise_2.jpg” with the content of “Test.docx” embedded into it.

4.   Now use any picture viewer software of your choice (such as “Windows Photo Viewer”) and take a good look at the two pictures “Chicago_sunrise_1.jpg” and “Chicago_sunrise_2.jpg.” They look identical, right? Well, looks can be deceiving because the second picture, “Chicago_sunrise_2.jpg,” has the file “Test.docx” (and its content) embedded within, yet completely hidden from view.

Now Steganography is the art of hiding something in plain sight, for example when looking at a picture on your computer and not being able to see embedded messages or files. Steganography is powerful just like that.

In the example above we embedded a simple Word file with simple content, but we could have also embedded a whole list of things that are far more sinister such as computer viruses and RansomWare. And once you view the malicious picture, your computer is hacked.

Read Also

Revolutionizing Disease Predictions Using Machine Learning

Revolutionizing Disease Predictions Using Machine Learning

Ylan Kazi, Vice President, Data Science + Machine Learning, UnitedHealthcare
The State-Of Machine Learning Adoption in the Enterprise

The State-Of Machine Learning Adoption in the Enterprise

Sangeeta Edwin, Vice President, Data, Analytics & Insights, Rockwell Automation
Does your VPN policy reflect the new reality, and what risks do you face?

Does your VPN policy reflect the new reality, and what risks do you...

Adam Such II, President and Chief Operating Officer, Communication Security Group Inc.
Recent Developments in Multifactor Authentication Landscape

Recent Developments in Multifactor Authentication Landscape

Elliott Franklin, Director of IT Governance & Security, Loews Hotels & Co
Ushering a New Era in Enterprise Security

Ushering a New Era in Enterprise Security

Mandy Huth, VP of Cybersecurity, Kohler. Co
Five Ways for Cyber Security Teams to Successfully Adapt to Evolving Environments

Five Ways for Cyber Security Teams to Successfully Adapt to Evolving...

Mike Holcomb, Director - Information Security, Fluor (NYSE:FLR)