Spy case shines light on steganography

Alleged agents hid messages in plain sight in digital photos

One of the spy technologies that's come to light in the recently-exposed alleged Russian spy ring is steganography, a word that comes from the Greek for “covered writing.” It’s a way to hide information in plain sight, and has been around since ancient times, in one form or another.

In one example cited by NetworkWorld, a Greek named Histaiaeus shaved the head of a slave, tattooed a message on his scalp, and then waited until his hair grew back to send him on his way. The recipients of the message shaved the slave’s head again to see the message. Conspiracy theorists maintain that crop circles are a similar trick—an encoded message from aliens (or pranksters) that disappears once the barley grows back.


Related:

Were alleged Russian spies done in by technology problems?


Other low-tech steganography methods include knitting encoded messages into sweaters, or encoding messages in print so small that it takes a magnifying glass to read it. Even invisible ink, also used by the accused Russian spy ring, is a form of steganography.

But the digital age has opened up whole new avenues for the practice. The 11 people accused of being part of a Russian espionage ring reportedly inserted text into digital images. Investigators searched the suspects’ hard drives and found drafts of messages embedded in the images.

Former GCN reporter Patience Wait reported on steganography back in 2005. Wait talked with Chet Hosmer, CEO of software company WetStone Technologies, which makes software tools that agents can use to find the clues to these hidden messages.

Because image and audio files tend to be large, they make great hiding places for messages, Hosmer said. In an audio file, steganographic messages are often hidden in the brief silence at the beginning of a song. By comparing the wave signature of a suspected file to a clean copy of the song, you can tell if a message has been inserted.

A message could be hidden in a digital photo on an online auction site, where thousands of people would see it. Analysts could examine the color palette in a digital photo, looking for clues that the file had been manipulated. A photo with a hidden message will have a more limited palette, with blocks of color spaced more closely together.

In 2005, there were 300 steganography programs available to hide secret data within image, sound and text files; today there are more than 1,000. The one that the Russian espionage ring used, however, was not commercially available.

The Washington Post demonstrated steganography in an article that shows what looks like an ordinary photo of a tropical fish. Steganography expert Gary C. Kessler used steganography software to embed within the fish image a map of the Burlington, Vt., airport. The alteration is invisible to the naked eye.

About the Author

Trudy Walsh is a senior writer for GCN.

Featured

  • Contracting
    8 prototypes of the border walls as tweeted by CBP San Diego

    DHS contractors face protests – on the streets

    Tech companies are facing protests internally from workers and externally from activists about doing for government amid controversial policies like "zero tolerance" for illegal immigration.

  • Workforce
    By Mark Van Scyoc Royalty-free stock photo ID: 285175268

    At OPM, Weichert pushes direct hire, pay agent changes

    Margaret Weichert, now acting director of the Office of Personnel Management, is clearing agencies to make direct hires in IT, cyber and other tech fields and is changing pay for specialized occupations.

  • Cloud
    Shutterstock ID ID: 222190471 By wk1003mike

    IBM protests JEDI cloud deal

    As the deadline to submit bids on the Pentagon's $10 billion, 10-year warfighter cloud deal draws near, IBM announced a legal protest.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.