Online video files used to transport stolen data, cloud security provider says

Online video sharing services are becoming a "perfect medium" for cybercriminals to obtain sensitive data about companies without being detected by traditional security tools, a cloud security company says.

According to Skyhigh Networks, a cloud services and security provider based in Cupertino, Calif., large data files like online videos can be used to embed sensitive data. Then, when a video is uploaded to a consumer-level video sharing site, hackers can access the data.

"There are two attributes that make video sites an excellent way to steal data. First, they're widely allowed by companies and used by employees," said Kaushik Narayan, chief technology officer, in a blog post on Skyhigh's website. "There are many legitimate uses of these sites such as employee training videos, product demos, and marketing the company's products and services. Second, videos are large files. When attackers need to extract large volumes of data, video file formats offer a way to mask data without arousing suspicions about a transfer outside the company."

Cybercriminals use such large files by splitting the sensitive data into compressed files that are each the same size. They then encrypt the data and wrap each file with a video file. The video files play normally, further hiding the fact that sensitive data was transported with them. Once uploaded to a video sharing site, the files are downloaded and unpacked by the hackers.

Don't shut down video uploads just yet: Narayan says that this type of data theft can be detected through big data analysis, which Skyhigh, not coincidentally, just happens to do. The provider compares normal usage activity to identify potential problems.

Skyhigh told Info Security that it had detected this kind of attack 12 times so far, though it didn't name any of the online video service providers involved.

For more:
- Info Security has this story
- read Skyhigh's blog post

Related articles:
Wickr, secure messaging startup, aims to power encrypted communications for Facebook and financial transactions
Data center virtualization drives up adoption of next-gen firewalls
World Cup's unofficial rating: 20 million illegal viewers
Where Redbox Instant went wrong