
Steganography: A Powerful Tool for Terrorists and Corporate Spies

Jun 28, 2005 1654 GMT

An incorrect CIA analysis caused U.S. authorities to cancel more than two dozen international flights and raise the Homeland Security Department's terrorism alert level in late 2003, NBC News reported June 27. According to the report, the CIA believed that Al Jazeera, the Arabic-language satellite news channel based in Qatar, was transmitting coded information to terrorists using the moving text along the bottom of the screen, known as the "crawl." Al Jazeera, the agency believed, was using a technique called "steganography" to conceal the codes.

At the time, CIA analysts believed the secret messages involved dates, locations and targets of terrorist attacks, including flight numbers of international flights and geographic coordinates of targets. Based in part on the analysis, authorities canceled almost 30 international flights by Air France, British Airways, Continental Airlines and Aeromexico, and raised the terrorism alert level to orange -- the second-highest level -- where it stayed for weeks. At the time, then-Secretary of Homeland Security Tom Ridge said the heightened state of alert was based on "credible sources." Hidden messages, however, apparently were never found in Al Jazeera's crawl.

Steganography, the technique of hiding text and images in video images, is used to convey information to the intended recipient -- and only the intended recipient. The word, which originated in antiquity and means "covered writing" in ancient Greek, was used by ancient armies to send secret messages back and forth between enemy lines. In modern times, steganography refers to encoding messages in computer software using algorithms and passwords.

Steganographic applications hide one computer file within another and are available on many different platforms, including Windows, Linux and BSD. Two files are needed for steganography. The first, known as a "cover file," is a normal graphic or audio file, such as a .bmp, .jpeg or .wav. The second is the secret file -- another image or document in any format. An algorithm hides the second file inside the cover file. Using decrypting software and a password, the recipient can decode the hidden file.

Like any code, steganography can be used for both legitimate and nefarious purposes. A good use might be hiding a list of passwords or access codes in an innocuous picture. Another use is a technique called "digital watermarking," used by individuals and corporations to secure and enforce copyrights by placing a hidden mark in a file. Steganography, however, also can be used to smuggle confidential or critical data out of a company disguised as innocent pictures. This technique can be used to compromise security information, such as the itineraries of CEOs and the composition of personal protection details. There is no limit to the kind or the amount of information that can be compromised.

Unless special detection software is installed on a computer, spotting a steganographic code is difficult because the cover file is indistinguishable from other graphic or audio files. The presence of inordinately large file sizes, however, could raise suspicions, since hiding a secret text of 200KB requires a cover file at least 1MB in size. A few programs for detecting steganography are available, but most can only detect hidden files when the cover file is a .jpeg, and not when it is a .bmp or audio file. WetStone produces a steganography detector that has an audio and image analyzer and a password cracker for automated detection and retrieval of the hidden data, though it is pricey.
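The following Python sketch is an added illustration, not part of the original article or of any product it names: it hides a secret in the least significant bit of each cover byte, showing why the cover must be several times larger than the secret and why the altered file looks unchanged, then applies a pairs-of-values chi-square check of the kind a detector can run on raw samples. The one-bit-per-byte scheme, the function names and the sample data are assumptions made for the example; real tools differ in how many bits they use per byte, and so in the cover size they need.

```python
import hashlib
import struct

def embed(cover: bytes, secret: bytes) -> bytes:
    """Hide secret in the least significant bit of each cover byte (1 bit per byte)."""
    payload = struct.pack(">I", len(secret)) + secret   # 4-byte length header
    if len(payload) * 8 > len(cover):
        raise ValueError("cover too small: need 8 cover bytes per payload byte")
    out = bytearray(cover)
    for i in range(len(payload) * 8):
        bit = (payload[i // 8] >> (7 - i % 8)) & 1
        out[i] = (out[i] & 0xFE) | bit                  # each byte changes by at most 1
    return bytes(out)

def extract(stego: bytes) -> bytes:
    """Recover the secret written by embed()."""
    def read(start, nbytes):
        val = bytearray()
        for b in range(nbytes):
            byte = 0
            for j in range(8):
                byte = (byte << 1) | (stego[start + b * 8 + j] & 1)
            val.append(byte)
        return bytes(val)
    (length,) = struct.unpack(">I", read(0, 4))
    return read(32, length)                             # header used the first 32 bytes

def pair_chi_square(samples: bytes) -> float:
    """Pairs-of-values statistic: LSB embedding evens out the counts of 2k and 2k+1,
    so a value near zero suggests the LSBs carry data."""
    hist = [0] * 256
    for s in samples:
        hist[s] += 1
    chi = 0.0
    for k in range(0, 256, 2):
        expected = (hist[k] + hist[k + 1]) / 2
        if expected:
            chi += (hist[k] - expected) ** 2 / expected
    return chi

# Constructed data: a smooth "image" whose samples are multiples of 4, and a
# 508-byte pseudo-random secret standing in for an encrypted file.
COVER = bytes((i // 16) % 64 * 4 for i in range(4096))
SECRET = b"".join(hashlib.sha256(bytes([n])).digest() for n in range(16))[:508]
STEGO = embed(COVER, SECRET)
```

Real image data is noisier than this constructed cover, so the gap between the clean and altered values is smaller in practice.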

Steganography can be a powerful tool when applied to terrorism or corporate espionage. Corporate security and IT security personnel should be aware of the threat and take steps to ensure that proper countermeasures are in place.

Source: Stratfor

 
Copyright 2006
Templar Titan