Home page logo

isn logo Information Security News mailing list archives

Internet proves easy way for terrorists to communicate
From: InfoSec News <isn () c4i org>
Date: Mon, 8 Oct 2001 03:09:19 -0500 (CDT)


By LISA HOFFMAN, Scripps Howard News Service 

(October 6, 2001 2:12 p.m. EDT) - To terrorist cells such as Al Qaeda,
a picture on the Web can be worth a lot more than a thousand words.

Employing the 21st century version of a concept as old as secrets
themselves, alleged terrorists affiliated with Osama bin Laden are
believed to have exploited the vastness of the Internet to hide
messages between conspirators in what amounts to plain sight.

According to declassified intelligence reports, court testimony and
computer security experts, bin Laden's network has been a pioneer in
adapting the ancient art of steganography to the Internet. U.S.
officials and high-tech researchers seeking to counter such techniques
are scrambling for methods to detect or derail them.

Online steganography - derived from the Greek words meaning "covered
writing" - essentially involves hiding information or communications
inside something so unremarkable that no one would suspect it's there.
It's the cyber-equivalent of invisible ink or the "dead drops" that
spies use to pass secrets.

Experts say Al Qaeda, along with the Palestinian terrorist groups
Hezbollah and Hamas, have used computer software available for free on
the Internet to communicate via virtually undetectable messages
embedded electronically within innocuous photographs or music files of
the sort that millions of Internet users send to each other each day.

Using it as a ruse, bin Laden's terror operatives allegedly have been
able to bury maps, diagrams, photos of targets and messages within
popular music, auction and sports sites as well as pornographic chat
rooms - incongruous territory for devout Muslim fundamentalists.

Secrets even can be hidden in spam, the millions of unwanted e-mail
messages ricocheting daily across the Internet that barely register
with most users before they delete them. Communicating this way makes
it extraordinarily difficult for law enforcement to pick up on, much
less interdict or trace.

"The sender can transmit a message without ever communicating directly
with the receiver. There is no e-mail between them, no remote logins,
no instant messages," wrote Bruce Schneier of Counterpane Internet
Security. "Steganography is a good way for terrorist cells to
communicate... without any group knowing the identity of the other."

It's an old concept, written about in 474 B.C. by Greek historian
Herodotus, who described how Histiaeus of Miletus shaved the head of a
slave and tattooed a secret message on his scalp. When the slave's
hair grew back, Histiaeus dispatched him to the Greeks, who shaved the
slave's head and read the message.

During World War II, invisible ink was used by all sides. And the
Germans perfected the use of "microdots," in which a page of writing
could be reduced to the size of a dot on a letter - only to be
enlarged by the recipients and read.

Computer steganography essentially piggy-backs information on empty or
unimportant spaces in digital files. But those who want to employ the
method don't need to understand the complex concepts at work - all
they have to do is download software available free or for less than
$50 from more than two dozen Internet sites.

Follow the instructions for using the software and, with a few mouse
clicks, you've hidden a message that is all but undetectable, except
by the person you have tipped to where to find it.

Photo or music files with such messages embedded are indistinguishable
to the human eye or ear from identical ones lacking the secret data.

That fact exponentially increases the difficulty for investigators
trying to track terrorist communications online. "With the volume of
documents, photos, video and sound files moving on the Internet, there
is no system powerful enough to analyze every object for hidden
messages," wrote Barry Collin, research fellow at the National
Interagency Civil-Military Institute of the National Guard Bureau.

And an interceptor can be hamstrung even more if the hidden message is
encrypted into code. Bin Laden's network allegedly does just that.

The Justice Department, citing the difficulty of monitoring and
detecting cyber-communications among terrorists, is asking Capitol
Hill to relax legal restrictions or force software writers to supply
their secrecy code "keys" to the government in order to make it easier
for agents to tap into everyday e-mail on a broad hunt for miscreants
and de-scramble what they find.

Civil libertarians say such privacy invasions are unnecessary; efforts
should be directed instead toward techniques to detect and disable

The intelligence community is hard at work with university researchers
creating sophisticated detection programs that use complex algorithms
to conduct statistical tests capable of identifying stenographic

One new software package of interest to the Air Force was developed by
research professor Jessica Fridrich at Binghamton University in New
York state. Called "Securestego," it allows a user to return a digital
image modified by steganography to its original state - that could
derail such a message before it could reach its intended receiver.

ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]