Secrets hidden in plain sight

Lloyd's List, Friday September 14, 2007, Review, page 9


Secrets hidden in plain sight

An innocent looking picture can conceal enough data to present a security threat

Alan Woodward

A PICTURE, they say, is worth a thousand words. But businesses wanting to guard against the threat of vital data being deliberately leaked to unauthorised people outside, or even inside, the organisation, need to get to grips with the alarming reality that a picture can also conceal a thousand words.

Or in some cases, even up to around 5,000 words.

More than enough to betray all your most precious and commercially sensitive data — locations of newly-discovered oil fields; formulae for synthesising newly-discovered molecules of breakthrough drugs costing millions or even billions to develop; designs of revolutionary products you are planning on being the first to bring to market; ultra-sensitive lists of hard-won customers; you name it.

The idea of data concealed in pictures might sound like the plot of the next Mission Impossible movie, but it is not.

And unless you are prepared to let any Tom, Dick or Harry cruise around your precious data, you need to be aware of the threat it poses.

The technique used is called steganography, from the ancient Greek meaning hidden or covered writing — just as the stegosaurus was named because its back was covered in bony plates, whose real purpose is a mystery even today.

But steganography was not a mystery to the Ancient Greeks; indeed they most likely invented it.

The Greek historian Herodotus records that in 312 BC, Histaeus of Miletus commanded the head of his most trusted slave to be shaved and tattooed with a vitally important secret message on it.

Once the slave's hair had grown, hiding the message, Histaeus sent him as an emissary to a friendly power via enemy territory to instigate a revolt against the Persians.

This example from history shows that steganographic writing can be a dangerous threat to security. Friends who betray us are always a more potent threat than people we recognise as enemies from the outset, and steganographic messages look friendly and innocent.

You could devise a simple steganographic message by agreeing with your recipient that your real message will consist of the first letter of every word of your apparent message.

"Bring us your invoice by Monday", for example, would really mean "BUY IBM". In steganographic writing the apparent message is known as the cover text and the real message is called the plain text.

The innocuous appearance of the cover text in the example illustrates why steganographic writing does not tend to set alarm bells ringing.

It looks innocent, whereas a message "BUY IBM" encrypted in a simple code that consisted, say, of substituting each letter for the next letter in the alphabet — "CVZ JCN" — obviously looks suspect and would be certain to awaken the suspicions of even the most credulous member of an industrial espionage prevention team.

The point is that any encrypted message will tend to raise suspicions because even though it cannot easily be read you will know it has been encrypted and will instantly conclude that something fishy is going on.

In modern business, the threat of steganography has recently become a major issue in corporate life. It's actually been a significant threat for several years as computing power available on the desktop has increased.

But users have been distracted by publicity about cryptography, and steganography has rather remained in the background.

It is a particularly worrying threat now because of the massive volume of electronic communications, and the number of freely available tools that allow even a routine user to employ steganographic techniques.

By far the biggest type of threat is the potential for concealing steganographic writing within computerised images. In Microsoft Windows you can literally drag and drop your hidden text onto a picture and the deed is done.

Information remains the most valuable commodity and it is precisely that which can so easily be given away or sold using image-based steganographic techniques.

What is actually happening when you carry out what looks like a simple drag and drop?

An electronic image is comprised of thousands of 'picture elements' or 'pixels'. A pixel is a binary number that provides information on the colour or the shade of grey that should be displayed in that particular pixel.

The binary number will look something like 10011011, depending on the pixel in question.

The individual numbers (the 1 or the 0) are known as 'bits' and the further along you go to the right, the less significant the bits become in defining the precise colour of the pixel.

Why does the opportunity for steganography exist? Because while each pixel is defined by a series of bits, some of these bits can be changed without affecting the resulting pixel to any discernible extent.

In a computerised image whose size is 256 by 256 pixels, making a total of 65,536 pixels, there would easily be room to conceal, say, about 5,000 words of data.

This method of concealment is known rather quaintly as 'bit twiddling'.

An obvious place to conceal a secret message would be within a computerised picture that does not show any apparent changes.

Bit twiddling is the most common way to conceal text within a computerised image.

There are many more techniques, though, particularly when using image formats such as the now ubiquitous jpeg which many will have encountered through their digital cameras.

So what is the best way to guard against image-based steganographic betrayal?

The first step is to recognise that it is a potential problem and get help to understand what tools are likely to be available to a malicious team member. You also need to know the manner in which these tools can be used because they often leave little trace of their presence. Some are even termed 'zero footprint' by those who develop them.

But help is at hand because dedicated teams of experts have been making available tools to help detect steganography. The technique they use is known as 'steganalysis'.

Steganalysis is as much an art as a science. The detection tools need to be deployed so that the appropriate steganalysis resource is used in the appropriate situation. Admittedly, this is not easy, when the range of steganography tools and the steganalysis counterparts have proliferated and are proliferating just as the threat from viruses did when they first emerged into the IT environment.

Charteris began its own anti-steganography work as a technical exercise but soon became alarmed at what its experiments were showing: not just about the power of the steganography tools available, but also about the degree of care that needs to be applied to combat this potent security hazard.

Taking the threat of betrayal by apparently innocuous pixels seriously will lead you to put into practice the measures necessary to defend against it. And you do need to take this threat very seriously indeed.

The stegosaurus may be long extinct, but steganographic treachery is, unfortunately, here to stay.

Alan Woodward is chief technology officer at the business and information technology consultancy Charteris.

[Picture caption] Now you don't see it: although seemingly identical, the image on the left has a 5,000 word concealed message hidden within its coding.
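The two technical claims in the article, that least-significant bits can be rewritten without a visible change and that a 256 by 256 picture has room for roughly 5,000 words, and the closing point that steganalysis tools can still detect such a change, can all be checked with a few lines of code. The following is an added illustration, not code from the article or from Charteris. It constructs a small synthetic grayscale cover (a gradient quantised to even values, so every pair of adjacent values 2k and 2k+1 is completely one-sided), does the 'bit twiddling' the article describes, and then runs a simplified version of the pairs-of-values histogram check that steganalysis tools use: LSB replacement can only move a pixel between 2k and 2k+1, so an embedded payload drives each such pair towards equal counts. The threshold, the message text and the cover generator are assumptions made for the demonstration.

```python
"""LSB 'bit twiddling': capacity arithmetic, a minimal embed/extract, and a
pairs-of-values steganalysis check. Added illustration; stdlib only."""


def lsb_capacity_bytes(width, height, channels=3, bits_per_sample=1):
    """Payload bytes that fit if every colour sample donates its LSB(s).
    For the article's 256 x 256 image in 24-bit colour this is 24,576 bytes,
    i.e. about 5,000 words at five characters per word."""
    return width * height * channels * bits_per_sample // 8


def make_cover(width=32, height=32):
    """Constructed grayscale cover: a diagonal gradient quantised to even
    values only. Real photographs are less extreme but still show strong
    even/odd imbalance in their histograms, which is what the check relies on."""
    return [((x * 7 + y * 13) % 128) * 2 for y in range(height) for x in range(width)]


def _bits(data):
    """Yield the bits of a byte string, most significant bit first."""
    for byte in data:
        for i in range(7, -1, -1):
            yield (byte >> i) & 1


def embed_lsb(pixels, message):
    """Write a 2-byte big-endian length header followed by the message into
    the least-significant bit of successive pixels. Each pixel changes by at
    most 1, which is the 'no discernible change' the article describes."""
    payload = len(message).to_bytes(2, "big") + message
    if len(payload) * 8 > len(pixels):
        raise ValueError("message does not fit in this cover")
    out = list(pixels)
    for i, bit in enumerate(_bits(payload)):
        out[i] = (out[i] & 0xFE) | bit
    return out


def extract_lsb(pixels):
    """Inverse of embed_lsb: read the length header, then that many bytes."""
    lsbs = [p & 1 for p in pixels]

    def read(n_bytes, offset):
        value = bytearray()
        for b in range(n_bytes):
            byte = 0
            for i in range(8):
                byte = (byte << 1) | lsbs[offset + b * 8 + i]
            value.append(byte)
        return bytes(value)

    length = int.from_bytes(read(2, 0), "big")
    return read(length, 16)


def pair_imbalance(pixels):
    """Mean of |n(2k) - n(2k+1)| / (n(2k) + n(2k+1)) over occupied value pairs.
    1.0 means every pair is one-sided (untouched cover); values near 0 mean the
    pairs have been equalised, the signature the chi-square histogram attack
    looks for. This is the simplified, threshold-based form of that test."""
    counts = [0] * 256
    for p in pixels:
        counts[p] += 1
    scores = []
    for k in range(128):
        n = counts[2 * k] + counts[2 * k + 1]
        if n:
            scores.append(abs(counts[2 * k] - counts[2 * k + 1]) / n)
    return sum(scores) / len(scores)


def looks_like_stego(pixels, threshold=0.5):
    """Assumed threshold: flag the image when the pairs are mostly equalised."""
    return pair_imbalance(pixels) < threshold


# Constructed sample payload, sized to fill most of the 32 x 32 cover.
SAMPLE_MESSAGE = (b"Constructed sample: drilling results for block 14 follow. "
                  b"Coordinates and reserve estimates attached in the next picture.")

if __name__ == "__main__":
    cover = make_cover()
    stego = embed_lsb(cover, SAMPLE_MESSAGE)
    print("capacity of 256x256 RGB cover:", lsb_capacity_bytes(256, 256), "bytes")
    print("largest per-pixel change:", max(abs(a - b) for a, b in zip(cover, stego)))
    print("pair imbalance cover/stego: %.3f / %.3f"
          % (pair_imbalance(cover), pair_imbalance(stego)))
    print("flagged:", looks_like_stego(stego), "recovered:", extract_lsb(stego) == SAMPLE_MESSAGE)
```

Run it as a script to see the three numbers side by side: the capacity figure, the per-pixel change of at most 1, and the collapse of the pair imbalance from 1.0 on the cover to a fraction of that on the carrier. The detector is deliberately the crude version; production steganalysis replaces the fixed threshold with a chi-square p-value and handles partial-capacity payloads, JPEG-domain embedding and the 'zero footprint' tools the article mentions with different statistics.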



A Tudor tale of cunning, greed and dastardly plots

Terry Sutton

IN MORE dangerous times, England's principal secretary to the Queen financed pirate raids from his own pocket just to provoke foreign owners.

That was more than 400 years ago, when Protestant England was threatened by a dangerously Catholic Spain.

The courtier trying to provoke trouble was Sir Francis Walsingham, born in Kent around 1532, and who died in 1590.

Author Derek Wilson, an authority on the Tudor period, paints a picture of the Kent-born Walsingham as a venture capitalist who relished a spot of risk-taking.

He admired the exploits of bold mariners like Sir Francis Drake and the mercantile explorers so much that he used his own wealth to sponsor Drake's 1577-1580 voyage around the world.

But Walsingham took a further step, and one that put his career in jeopardy, when he re-invested a substantial chunk of profits from Drake's earlier circumnavigational voyage in the Golden Hind in a venture to attack Spain's home-returning fleet carrying silver.

The scheme was for Drake to take a small fleet to Terceira in the Azores and use it as a base to attack the Spanish silver fleet returning from the New World.

Drake's ships would be flying under another flag to preserve the fiction of Elizabeth's lack of involvement in the affair.

"In reality the Queen and Walsingham were to be major backers in the venture, and hoped for a pecuniary return similar to that of Drake's previous expedition," Wilson says. Walsingham knew his mistress well enough to be sure that she would be dazzled by the gold once it was seized. But at the last minute, Elizabeth ordered the project to be put on hold, by which time, as Drake pointed out, it was too late, anyway.

The treasure fleet had safely reached Spain and Drake had to pay off his men and sell all his provisions.

He may have been thwarted in this particular escapade, but Walsingham still proved to be an expert intelligence chief and top spycatcher for his Queen.

Jesuits were secretly putting ashore Catholic priests and spies in inlets and coves in Kent and Essex, whose nefarious task was to covertly foment unrest among the English population in advance of an invasion by the foreign enemy.

But Walsingham, with his army of spies and agents in foreign capitals, was able to hunt down the interlopers.

Several were tortured into giving information that could be used against English Catholic nobles who were plotting against the Queen in the hope of returning England to the religion of Rome.

As Wilson points out, this was an era of spin-doctors, state-sponsored terrorism, with hit men hired to eliminate heads of state and religious fanatics invoking holy war and willing to die a martyr's death. How little some things have changed.

Sir Francis Walsingham, a Courtier in an age of Terror, by Derek Wilson. Published by Constable in hardback, £18.99.


Unsung heroes of Admiralty salvage finally awarded due recognition

Sandra Speares

ADMIRALTY salvage, both in war and in peacetime, has never received the recognition it deserves, with tales of heroism by salvage crews often going unacknowledged by the authorities and the public.

Author Tony Booth, whose previous book documented the mammoth task of salving the German fleet scuttled in Scapa Flow at the end of the First World War, has set out to remedy the omission with a look behind the scene of some of the most daring salvage operations of the last century.

If Admiralty salvage really came to the fore during the First World War, the concept was pioneered more than 200 years ago when HMS Victory's sister ship, the Royal George, sank with the loss of nearly 1,000 lives. The casualty was officially blamed on rotten timbers, although it is suggested here that one of the ship's officers was to blame. Some historians claim the Navy Board was not keen to see the ship salved, because it might prove that there was nothing structurally wrong.

Early innovators in the world of salvage were the Deane brothers, who recovered material from the Royal George and also discovered the wreck of the Mary Rose.

The Royal Navy salvage divers' somewhat bizarre motto, "Grope, Grub & Tremble", was in fact a reflection of the difficulties the early divers encountered.

Those working on underwater wrecks had to grope their way through them in the dark, search for and pull up (or 'grub') material by hand, trembling with fear as they did so because of the dangers of the job. An early, and ultimately unsuccessful, salvage operation in 1906 was that of the Montague, which the author describes as a good example of what happens when a senior naval officer with no understanding of salvage is in control.

"Throughout the next hundred years, this familiar pattern would unfold all too regularly as the salvage section and the rigid naval command structure at the time clashed over how best to save ships," Booth says.

A more successful war time salvage was that of the hospital ship Asturias, with a good account here of the difficulties encountered by the successful salvors, not to mention the courage of the divers.

The war years also saw amendments made to the 1894 Merchant Shipping Act to enable the Admiralty to claim salvage. An early controversial Admiralty salvage of a general cargo vessel was that of the Clan Southerland, which was looted by some of the crew of HMS Bittern during the course of the operation. As the crew of the HMS Bittern was subsequently lost in a collision, they were punished posthumously by Mr Justice Hill, by having their salvage award withdrawn.

If the incident was of considerable embarrassment to the Navy at the time, it is counterbalanced by many moving accounts in the book of the courage and self-sacrifice of crews and salvors alike.

At the outbreak of the Second World War, further changes were proposed to legislation which would effectively give the Admiralty full salvage rights, a move opposed by the Chamber of Shipping at the time, who argued that a fair deal on salvage awards would not be possible if the Admiralty had an effective state monopoly on salvage. The Admiralty's relationship with commercial salvage companies was equally strained, particularly as far as compensation payments in the event of salvors' deaths during operations were concerned.

Skilled salvage operators were at a premium and over-stretched during the war years. It was not uncommon for a senior salvage master to have more than 12 operations in progress at the same time.

Remuneration appears to have been impressive — one salvor was apparently earning more than Winston Churchill during the war years — although perhaps not when you consider the risks involved.

Although much of the book is devoted to the two world wars, the author explores some of the major postwar salvage operations, including those of tonnage sunk in the Suez Canal during the Suez Crisis.

Peacetime salvage operations mentioned here include the salvage of the BOAC de Havilland Comet Yoke Peter, an operation to have far reaching implications on aircraft design, the Derbyshire and the Al Salaam Boccaccio 98 during which the MOD's Salvage and Mooring Operations division assisted in locating the black box. The book is a fitting tribute both to the salvage industry and Merchant and Royal Navy crews.

Admiralty Salvage in Peace & War 1906-2006 by Tony Booth is published in hardback by Pen & Sword, £19.99.