How to Prevent Visual Hacking

In this high-tech age, low-tech hacking techniques like physically looking at open computer screens may be overlooked, potentially leading to disaster.

Often called “shoulder surfing” because the attacker merely looks over the victim’s shoulder, visual hacking puts your data at grave risk, as demonstrated in a Ponemon Institute experiment.

In those trials, a white-hat visual hacker assumed the role of a temporary office worker and was assigned a security badge.

The white hat hacker (researcher, really) entered a facility and performed three overt tasks:

1. View and log sensitive information visible on a computer screen, desk, or printer.
2. Grab a stack of business documents labeled “confidential” off a desk and put them in a briefcase.
3. Take a cellphone picture of sensitive information displayed on a computer screen.

The result of the experiment was dismaying.  Researchers were successful in accessing sensitive corporate information in 91% of the trials, and 52% of the visual hacks occurred via an unprotected employee computer screen.

Over 25% of the data breaches involved sensitive information, such as login credentials, attorney-client privileged documents, and financial information.  They happened in less than 15 minutes in nearly half of all attempts.

Now, this is a corporate situation but the same can happen anywhere you log in. Starbucks, the mall, a park so, be careful when accessing personal information on a device in public.

Protecting yourself

What can you do to reduce the risk of visual hacking?  Plenty:

• Set your computer’s screensaver to kick in quickly—after a minute of idleness, perhaps—and require a password to cancel it.
• Invest in a screen protector that obscures the view from right and left
• Be savvy and aware of situations that don’t feel right. 

© Good Sense Security LLC — August 2020