The FBI investigation that led to the arrest of 11 Russian spies discovered that their method of communication involved the art of hiding text files within images “Steganography”. More than 100 text files were discovered after officials conducted a search and found the 27-character password being used with the steganography program. The password was located on a piece of paper in a suspect’s home, a rookie mistake by anyone’s account.
John Pironti, president of IP Architects, in his comments to Computer World explained that “Humans don’t really do well remembering passwords beyond six characters, so they write them down someplace,” he says. The real mistake was thinking that the home was secure enough to leave the password lying around.”
Another error made by the spies is the use of a steganography program that is not commercially available.
This program was allegedly developed in Moscow, thus linking the ‘illegals’ to Russia and the suspected Sluzhba Vneshney Razvedki (SVR), the Russian Foreign Intelligence Agency. The program was apparently accessed by pressing ‘Ctrl + Alt + E’ and then inputting the 27-character password.
This major incident brings with it a new interest in Steganographic techniques and already unnamed US agencies are funding research in steganography detection techniques. Steganography itself has a rich background stemming all the way from Ancient Greece. It was also used during World War II in the form of invisible inks.
If you want to know more about Steganography, Jim Wingate gave an introduction to Steganography in Issue 3 of Digital Forensics Magazine and has a follow up article in the soon to be released, Issue 4.