Visual Hacking

What is visual hacking?

  • Glancing at someone else’s data on a screen is already hacking.
  • Data obtained by hacking can easily be misused and passed on.
  • Travelling on public transport is a possible cause of risk.
  • There are a number of measures that protect against data theft.
Visual hacking means that someone steals confidential data by memorising or photographing information that is on a screen. The data obtained by visual hacking can easily be passed on and misused. Merely looking at third-party data is already considered hacking. A common term for visual hacking is ‘shoulder surfing’. This type of data theft can happen quickly when working in the office or when travelling by train or plane, as well as in co-working spaces and the like.
A test by the cybersecurity company „Kaspersky“ showed that in 170 examined train compartments, only 5% of the laptops used there had a privacy filter. It was also found that the tester could see business programs used on 1,193 screens. In 87% of cases, a laptop was used, making it the most common device.

Is visual hacking something that only occurs at work?

No, this phenomenon is also becoming more and more common in the private sphere. When you’re out and about privately, you don’t want other people to see which social media channels you are browsing or which series you are watching. Everyone has the right to privacy. Individuals should be aware that their own screen is not really private in public environments.

How can I protect myself against data theft?

1. Don’t leave your laptop or computer unattended.
If you leave your workplace even for just a short time, be sure to lock your computer. Your laptop should not be left unattended at airports and train stations. Even if you entrust your laptop to someone, you should still lock it.
2. Deny nosey people the view.
In the office, you might be able to stop other people from seeing your screen by placing a plant in their line of sight. But privacy filters are a better solution. Invest in a professional privacy screen. This will prevent data thieves from viewing information from the side – a particularly useful tool in public places. On the bus and train, the person sitting next to you should not have a direct view of the activities on your laptop.
3. Implement a CLEAN DESK policy.
Corporate policy dictates that employees must keep their workplaces clean and remove important documents from their desks, even if they are absent only briefly. Why shouldn’t data on the computer be made inaccessible as well? Make sure that your computer is always locked as soon as you leave your workstation.
4. Moving office furniture
You need to be aware of how much data is involved in your work. Anyone who has a view of your screen commits data theft and can misuse it. Position your office furniture in a way that lets you control the perspective from which your workstation can be seen. Small adjustments to the angles can make a big difference. Make sure you have a hotkey that activates a screen saver if you notice potentially prying eyes.
5. Data destruction policy
The data destruction policy can reduce the number of confidential documents in circulation. To this end, the company has to team up with a reliable service provider and implement a ‘shred-it-all’ policy. Employees can destroy data and documents directly when they are no longer needed. The destruction of data is also regulated in the General Data Protection Regulation that came into force on 25 May 2018.