Democratic Underground - FBI: SPIES Hid Secret Messages on Public Websites

>

The image above contains a hidden map of the Burlington, Vermont airport.

<http://www.fbi.gov/hq/lab/fsc/backissu/july2004/research/2004_03_research01.htm>

" Moscow communicated with a ring of alleged spies in America by encoding instructions in otherwise innocent-looking images on public websites. It’s a process called steganography. And it’s one of a slew of high-tech and time-tested methods that the deep-cover agents and their Russian handlers used to pass information — from private wi-fi networks to buried paper bags.

Steganography is simultaenously one of the oldest methods for secret communications, and one of the more advanced. The process dates back to the 5th Century BCE, when the Greek tyrant Histiaeus shaved the head of one of his servants, tattooed a message on his head, and waited for his hair to grow back before sending the messenger out. When the courier arrived, his head was shaved and the missive was read, giving information about upcoming Persian attacks. Later on, secret inks were used on couriers’ backs. Morse code messages were woven into a sweater was worn by a courier.

As information went digital, steganography changed. Messages could be hidden in the 1s and 0s of electronic files — pictures, audio, video, executables, whatever. The hidden communications could even be slowly dribbled into the torrent of IP traffic. Compression schemes — like JPEG for images or MP3 for audio — introduce errors into the files, making a message even easier to hide. New colors are tones can be subtly added or removed, to cover up for the changes. According to the FBI, the image above contains a hidden map of the Burlington, Vermont airport.

Both before and after 9/11, there were rumors in the media that Al Qaeda had begun hiding messages in digital porn. That speculation was never confirmed, as far as I can tell.

The accused Russian spy network started using steganography as early as 2005, according to the Justice Department’s criminal complaint against the conspirators, unsealed yesterday in Manhattan. In 2005, law enforcement agents raided the home of one of the alleged spies. There, they found a set of password-protected disks and a piece of paper, marked with “alt,” “control,” “e,” and a string of 27 characters. When they used that as a password, the G-Men found a program that allowed the spies “to encrypt data, and then clandestinely to embed the data in images on publicly-available websites.”

The G-Men also found a hard drive. On it was an address book with website URLs, as well as the user’s web traffic history. “These addresses, in turn, had links to other websites,” the complaint notes. “Law-enforcement agents visited some of the referenced websites, and many others as well, and have downloaded images from them. These images appear wholly unremarkable to the naked eye. But these images (and others) have been analyzed using the Steganography Program. As a result of this analysis, some of the images have been revealed as containing readable text files”

These messages were used to arrange meetings, cash drops, deliveries of laptops, and further information exchanges. One of the steganographically-hidden messages also directed the conspirators to use radiograms — a decades-old method to pass information, long discedited in spooky circles. “The FBI must have been clapping its collective hands when it discovered the primitive radio techniques the Russians were using: high speed ‘burst transmissions,’” writes SpyTalk’s Jeff Stein. “The Cold War-era technique requires the sending party to record a coded Morse code message on a tape, then shoot it through the air in a millisecond. They were easy picking for the FBI, once it knew where to listen.”

According to the FBI, bugs in the spies’ homes picked up “the irregular electronic clicking sounds associated with the receipt of coded radio transmissions.”

“Likewise, you’d think the Russians would have moved beyond buried paper bags to pay their agents. Moscow Center did supply them with ATM cards, according to the FBI’s affidavit. But it also seems stuck with the old ways,” SpyTalk adds.

But maybe not. “METSOS secretly buried some of the money in upstate New York,” the FBI affidavit says, referring to one of the defendants, “and two years later, in 2006, the Seattle Conspirators flew to New York and dug it up.”

<http://www.wired.com/dangerroom/2010/06/alleged-spies-hid-secret-messages-on-public-websites/#more-26701>

.

FBI: SPIES Hid Secret Messages on Public Websites [View All]