IT managers will have a hard time guarding their networks against unscrupulous employees using hacker tools to steal sensitive data, according to a security expert.
Hacker tool Camera/Shy permits the hiding and viewing of sensitive or incriminating data inside innocuous picture files.
But Richard Barber, security consultant at Integralis, said that it was just one of many programs available to hide data not just in pictures, but in other files.
Blocking picture files at the internet gateway is not enough, he warned.
"The reality is [that] some of the steganography tools available can hide an Excel spreadsheet within another Excel spreadsheet," he explained.
"Then you have to identify which file out of the thousands going through an internet gateway is the one you are looking for."
Camera/Shy was released at hacker conference H2K2 last week by Hacktivismo, an offshoot of hacker group Cult of the Dead Cow, with the aim of allowing anonymous web surfing in countries where the internet is censored.
Organisations worried about the use of Camera/Shy will have taken considerable steps already to tighten network perimeters and prevent the existence of such files.
Network management software company NetIQ claimed that updates to its Security Analyser software will detect and eliminate the Camera/Shy software in a network.
Its Security Manager software will detect the launch of the hacking software and close it immediately.
Scott Hollis, security product management director at NetIQ, said: "The release of this new hacker tool shows how important it is for IT administrators and security staff to maintain a high state of readiness against new threats.
"Keeping up to date on all of the latest vulnerabilities and threats is a daunting task for already overworked IT professionals."
Barber maintained that there are very few tools available that can detect the use of steganography.
"You have to do it some other way because any mechanism you have that claims to detect steganography as it stands is claiming a lot more than it can deliver," he said.
Barber added that companies need outside help to deal with this problem as resources are often directed at the wrong priorities.
And, yep, it'll run Android rather than RiscOS
US engineering giant's cost-cutting outsourcing plan is on the rocks, according to insiders
HP Envy X2 laptop only affordable if you've got loadsamoney
Counterfeit code-signing certificates enabling hackers to hide malware being sold by cyber criminals
Certificates can be used as part of layered obfuscation to evade detection by anti-virus software