A business executive is sitting on the hard plastic seats in the airport lounge. He decides to check his email and takes out his smartphone. Unbeknown to him, someone sitting either next to him or behind him can easily glance at his screen and see what he’s working on. If that person is a hacker or has criminal intent, they can easily take sensitive information from the screen and use it for their own benefit.
If the executive works at a security or even a consulting firm, then the loss of his information could result in a huge breach in security.
This is what is known as “visual hacking”. Anyone can look at the laptop screen or cellphone of the person sitting next to them and find out what they’re doing on it. A visual attacker can take pictures or even make a video of the screen using a cellphone camera. They can get an idea of what keys were pressed on the keyboard and even deduce what the password is.
According to research done by 3M, a global science company, visual hacking is extremely easy. The scientific powerhouse conducted a global visual hacking experiment that determined the effectiveness of visual hacking.
Results from 3M’s Global Visual Hacking Experiment:
- At a global level, 52% of sensitive information was visually hacked from employee computer screens.
- Visual hacking happens quickly. In nearly half of the global trials, an undercover hacker was able to obtain information in 15 minutes or less.
- An undercover ethical hacker was able to visually obtain information in 91% of the global trials.
- Visual hacking often goes unnoticed. The hacker was stopped in only 32% of global attempts which meant that 68% of the time no one did anything to stop them.
- 27% of the information accessed included login credentials, financial information, as well as privileged documents.
- On average, 3.9 pieces of sensitive information were successfully obtained per trial.
Glancing at your neighbor’s work is a daily occurrence. Research by Iron Mountain, a storage and information management company, in 2013 has highlighted how common shoulder surfing really is. Their research found out that 72% of the commuters in the UK glance at the mobile phone or laptop screen of the person sitting next to them to see what they are doing. The research concluded that due to this, at one time or another one out of every five UK commuters have been privy to confidential or highly sensitive information. Not only this but 20% of senior level staff at companies believe that getting information through over-the-shoulder snooping at an airport lounge is child’s play.
Read more: Not Your Everyday Hacker
Airports are not the only prime snooping ground for shoulder surfers. The low walls and the shared spaces in an open office design means that more computer screens are visible and more information can be seen. In addition to this, more than 59% of employees take their work outside the office.
Avoiding visual hacking is becoming more important to users and new technologies are now addressing it. HP recently introduced two 14-inch laptops that have the world’s first “integrated” privacy screen. The technology called “Sure Fire” makes the screen dimmer by “up to 95%” when someone looks at it from a side angle. The screen is only fully visible if it has viewed directly from the front. Having a fully integrated privacy screen instead of a “glue-on” filter means that companies can be sure that their employees are using it.
Google has also jumped on this bandwagon and their new messaging app “Allo” has an incognito mode that allows you to get private notifications so you can hide your conversations from people looking over your shoulder.
In this technological age, having a visual privacy plan as well as the standard internet security software seems to have become more important than ever before.