Spy case shines light on steganography

Alleged agents hid messages in plain sight in digital photos

One of the spy technologies that's come to light in the recently-exposed alleged Russian spy ring is steganography, a word that comes from the Greek for “covered writing.” It’s a way to hide information in plain sight, and has been around since ancient times, in one form or another.

In one example cited by NetworkWorld, a Greek named Histaiaeus shaved the head of a slave, tattooed a message on his scalp, and then waited until his hair grew back to send him on his way. The recipients of the message shaved the slave’s head again to see the message. Conspiracy theorists maintain that crop circles are a similar trick—an encoded message from aliens (or pranksters) that disappears once the barley grows back.


Related:

Were alleged Russian spies done in by technology problems?


Other low-tech steganography methods include knitting encoded messages into sweaters, or encoding messages in print so small that it takes a magnifying glass to read it. Even invisible ink, also used by the accused Russian spy ring, is a form of steganography.

But the digital age has opened up whole new avenues for the practice. The 11 people accused of being part of a Russian espionage ring reportedly inserted text into digital images. Investigators searched the suspects’ hard drives and found drafts of messages embedded in the images.

Former GCN reporter Patience Wait reported on steganography back in 2005. Wait talked with Chet Hosmer, CEO of software company WetStone Technologies, which makes software tools that agents can use to find the clues to these hidden messages.

Because image and audio files tend to be large, they make great hiding places for messages, Hosmer said. In an audio file, steganographic messages are often hidden in the brief silence at the beginning of a song. By comparing the wave signature of a suspected file to a clean copy of the song, you can tell if a message has been inserted.

A message could be hidden in a digital photo on an online auction site, where thousands of people would see it. Analysts could examine the color palette in a digital photo, looking for clues that the file had been manipulated. A photo with a hidden message will have a more limited palette, with blocks of color spaced more closely together.

In 2005, there were 300 steganography programs available to hide secret data within image, sound and text files; today there are more than 1,000. The one that the Russian espionage ring used, however, was not commercially available.

The Washington Post demonstrated steganography in an article that shows what looks like an ordinary photo of a tropical fish. Steganography expert Gary C. Kessler used steganography software to embed within the fish image a map of the Burlington, Vt., airport. The alteration is invisible to the naked eye.

About the Author

Trudy Walsh is a senior writer for GCN.

Featured

  • FCW Perspectives
    human machine interface

    Your agency isn’t ready for AI

    To truly take advantage, government must retool both its data and its infrastructure.

  • Cybersecurity
    secure network (bluebay/Shutterstock.com)

    Federal CISO floats potential for new supply chain regs

    The federal government's top IT security chief and canvassed industry for feedback on how to shape new rules of the road for federal acquisition and procurement.

  • People
    DHS Secretary Kirstjen Nielsen, shown here at her Nov. 8, 2017, confirmation hearing. DHS Photo by Jetta Disco

    DHS chief Nielsen resigns

    Kirstjen Nielsen, the first Homeland Security secretary with a background in cybersecurity, is being replaced on an acting basis by the Customs and Border Protection chief. Her last day is April 10.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.