In June this year, it was revealed that a Russian Spy Ring had been using Steganographic images to send secret messages to each other. A series of small, basic mistakes led to the spy ring being uncovered by the FBI and resulted in the arrest of 11 suspects.
A few weeks ago, it was noticed that a top website for distributing steganography freeware and anti-forensic tools had been ‘temporarily disabled’.
I spoke to one of DFM Authors Jim Wingate, who is the Director of the Steganography Analysis and Research Center (SARC) and Vice President of Backbone Security who explained that, “We have been visiting stegoarchive.com at least every 2-3 months for the past several years because we are continuously searching for new steganography applications, or new versions of old applications, to add to our steganography application archives”.
Suddenly, not too long after the story broke about the Russian spies and how they used steganography to communicate covertly, stegoarchive.com drops off the net. Over 30 days have passed and the site is still down. Surely, that is not simply a coincidence.
Jim went on to say “I’m not into conspiracy theories so I will not offer a tantalizing scenario as to how the two events may be linked. At the same time though, it doesn’t take too much of a stretch of the imagination to find a linkage between the two events and conjure up a scenario as to why the site, a publicly accessible source of a large number of freeware and shareware steganography applications, is down and remains down to this day.”
Jim has written two articles on Steganography for DFM so far and more are planned. In issue 3 Jim gave an intro into the subject of Steganography ad follow this up in Issue 4 with a more detailed view of how Steganography works. Future articles will deal with anomaly detection and signature detection.