Data Loss Prevention: New Vulnerable Channels

Where there's a will..

As Traditional DLP Systems have evolved to close down the channels data leaking insiders have used, employees have found other ways to get data out. There are now easy ways to take digital information from organisations, without traditional DLP detection.

DataBorder DLP Protection of data extraction through screen, sound and system components

Working Proof Of Concepts of
screen, sound and system component data leakage
    Data Ex-Filtration Tools    

How the ex-filtration works

Via The Computer Screen

There are few computers without a screen - employees need to see the screen to work. The intention is that information shown on the screen is just for users to interactively work with, but there's nothing to stop data being displayed in a way that a can be read by another device with a camera and decoded back into data.

Encode Data As Sound And Play It Through Computer Speakers / Headphones

Just as dial-up modems used to do before broadband internet connections, data can be encoded as sound and transmitted to a listener to reconstruct back into data at the other end. Office computers are increasingly used as IP phones, for conference calls & training so have speakers and headphones. There's nothing to stop the output being data carrying beeps rather than a conversation.

By Manipulating Components Within The Computer To Produce A Signal

Some computer systems are so sensitive that they are intentionally separated from the rest of the world. Systems like Government networks with secret data, power-station or manufacturing controls are "Air-Gapped" in an attempt to isolate them from infection, hacking and data leakage. Researchers have demonstrated ingenious ways to get data out of air-gapped systems, without a network connection, removable drives and even without outputs like screens or speakers used above. Internal components can be manipulated to produce a signal capable of carrying data and a nearby sensor collects and interprets the signal on the unorthodox data channel.
Data Border

Prevent covert channel data leaks.
Detect rogue insiders & suspicious activity.

Phone: +44 (0)203-4111451

Email: enquiries@databorder.com


Registered in England & Wales
Co. Number: 10829289
VAT: 272 1175 22