Everything on the video call—PowerPoint slides, passwords, and that new haircut included—is about to get a little more protection.
Microsoft announced in a recent “roadmap” update that it will deploy a “prevent screen capture feature” in its Teams communication platform.
When a user attempts to take a screenshot, the post says, a proposed mechanism, set for rollout in July, will go Sopranos finale and abruptly turn a meeting window to black.
While security pros who spoke with IT Brew haven’t seen too many real-life scenarios connecting screen captures to data loss, they shared their theories about what security threats might be driving Microsoft’s screen-capture block.
Screen time. Microsoft’s 2024 Digital Defense report noted that threat actors target high-value individuals with “access to trade secrets, financial systems, key strategies, and other sensitive and proprietary intellectual property.”
An adversary going after IP can blend in on a crowded videoconference.
“You don’t know everybody on there. And for a bad actor, that may not be a bad thing to be involved with, especially if somebody is after some corporate espionage,” Erich Kron, security awareness advocate at KnowBe4, said.
Few reports have uncovered real-life instances connecting videoconference screenshots and high-impact data breaches.
One memorable Covid-era mishap occurred when then UK prime minister Boris Johnson tweeted a screenshot of a Zoom meeting, complete with the meeting ID number.
Verizon’s most recent Data Breach Investigations report (DBIR) found “carelessness” as a top vector in 21% of over 7,300 cyber incidents from Nov. 1, 2023, to Oct. 31, 2024. Top “miscellaneous errors,” according to the DBIR, included misconfiguration, misdelivery, and publishing mishaps.
According to Microsoft’s roadmap notice, users joining from unsupported platforms “will be placed in audio-only mode to maintain the integrity of the meeting’s content.”
Phone time. Kron sees at least one workaround for a screenshot-preventing feature. “It’s extremely easy just to pull out a camera and take a picture of your screen,” he said.
Top insights for IT pros
From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.
In an email to IT Brew, ethical hacker and CEO of SocialProof Security Rachel Tobac said she has used live screen-captures during private meetings (and authorized penetration tests) to capture someone’s face and audio to create a lookalike deepfake, and to then use the digital replica to ask associates for valuable credentials like passwords or wire transfers.
“This change will definitely make that harder to do, which is a good thing! Capturing from my phone creates a lower quality and less believable deepfake,” Tobac wrote in an email.
Gen there. GenAI’s increasing ability to process images as information has compounded the screenshot security problem, Tim Erlin, security strategist and VP of product at Wallarm, told us.
“When you can take a screenshot, or lots of screenshots and ask AI to stitch them back together into a document that you can then share, or that has already been shared as training data now with that AI, it becomes a problem at scale, and that, I think, is a reason for Microsoft to do something about it,” he told us.
Microsoft, conversely, has begun the rollout of its Windows Recall feature, which takes continuous screenshots to help users find content on their device.
“It’s based on exactly the technology they’re trying to thwart, which is, you take screenshots and you feed them into AI, and AI analyzes them, and then gives you the ability to search it and summarize,” Erlin said. “So, in some ways, the threat that Microsoft is addressing is Microsoft.”
Microsoft declined to answer questions regarding its decision to create the feature, the risks the feature aims to address, and how the feature would impact users of its Recall tool.