[ISN] Internet proves easy way for terrorists to communicate

From: InfoSec News (isnat_private)
Date: Mon Oct 08 2001 - 01:09:19 PDT

    http://www.nandotimes.com/technology/story/125043p-1308529c.html
    
    By LISA HOFFMAN, Scripps Howard News Service 
    
    (October 6, 2001 2:12 p.m. EDT) - To terrorist cells such as Al Qaeda,
    a picture on the Web can be worth a lot more than a thousand words.
    
    Employing the 21st century version of a concept as old as secrets
    themselves, alleged terrorists affiliated with Osama bin Laden are
    believed to have exploited the vastness of the Internet to hide
    messages between conspirators in what amounts to plain sight.
    
    According to declassified intelligence reports, court testimony and
    computer security experts, bin Laden's network has been a pioneer in
    adapting the ancient art of steganography to the Internet. U.S.
    officials and high-tech researchers seeking to counter such techniques
    are scrambling for methods to detect or derail them.
    
    Online steganography - derived from the Greek words meaning "covered
    writing" - essentially involves hiding information or communications
    inside something so unremarkable that no one would suspect it's there.
    It's the cyber-equivalent of invisible ink or the "dead drops" that
    spies use to pass secrets.
    
    Experts say Al Qaeda, along with the Palestinian terrorist groups
    Hezbollah and Hamas, have used computer software available for free on
    the Internet to communicate via virtually undetectable messages
    embedded electronically within innocuous photographs or music files of
    the sort that millions of Internet users send to each other each day.
    
    Using it as a ruse, bin Laden's terror operatives allegedly have been
    able to bury maps, diagrams, photos of targets and messages within
    popular music, auction and sports sites as well as pornographic chat
    rooms - incongruous territory for devout Muslim fundamentalists.
    
    Secrets even can be hidden in spam, the millions of unwanted e-mail
    messages ricocheting daily across the Internet that barely register
    with most users before they delete them. Communicating this way makes
    it extraordinarily difficult for law enforcement to pick up on, much
    less interdict or trace.
    
    "The sender can transmit a message without ever communicating directly
    with the receiver. There is no e-mail between them, no remote logins,
    no instant messages," wrote Bruce Schneier of Counterpane Internet
    Security. "Steganography is a good way for terrorist cells to
    communicate... without any group knowing the identity of the other."
    
    It's an old concept, written about in 474 B.C. by Greek historian
    Herodotus, who described how Histiaeus of Miletus shaved the head of a
    slave and tattooed a secret message on his scalp. When the slave's
    hair grew back, Histiaeus dispatched him to the Greeks, who shaved the
    slave's head and read the message.
    
    During World War II, invisible ink was used by all sides. And the
    Germans perfected the use of "microdots," in which a page of writing
    could be reduced to the size of a dot on a letter - only to be
    enlarged by the recipients and read.
    
    Computer steganography essentially piggy-backs information on empty or
    unimportant spaces in digital files. But those who want to employ the
    method don't need to understand the complex concepts at work - all
    they have to do is download software available free or for less than
    $50 from more than two dozen Internet sites.
    
    Follow the instructions for using the software and, with a few mouse
    clicks, you've hidden a message that is all but undetectable, except
    by the person you have tipped to where to find it.
    
    Photo or music files with such messages embedded are indistinguishable
    to the human eye or ear from identical ones lacking the secret data.
    
    That fact exponentially increases the difficulty for investigators
    trying to track terrorist communications online. "With the volume of
    documents, photos, video and sound files moving on the Internet, there
    is no system powerful enough to analyze every object for hidden
    messages," wrote Barry Collin, research fellow at the National
    Interagency Civil-Military Institute of the National Guard Bureau.
    
    And an interceptor can be hamstrung even more if the hidden message is
    encrypted into code. Bin Laden's network allegedly does just that.
    
    The Justice Department, citing the difficulty of monitoring and
    detecting cyber-communications among terrorists, is asking Capitol
    Hill to relax legal restrictions or force software writers to supply
    their secrecy code "keys" to the government in order to make it easier
    for agents to tap into everyday e-mail on a broad hunt for miscreants
    and de-scramble what they find.
    
    Civil libertarians say such privacy invasions are unnecessary; efforts
    should be directed instead toward techniques to detect and disable
    cyber-steganography.
    
    The intelligence community is hard at work with university researchers
    creating sophisticated detection programs that use complex algorithms
    to conduct statistical tests capable of identifying steganographic
    footprints.
    
    One new software package of interest to the Air Force was developed by
    research professor Jessica Fridrich at Binghamton University in New
    York state. Called "Securestego," it allows a user to return a digital
    image modified by steganography to its original state - that could
    derail such a message before it could reach its intended receiver.
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.
    



    This archive was generated by hypermail 2b30 : Mon Oct 08 2001 - 11:31:11 PDT