How even the dumbest Russian spies can outwit the NSA

By Jon Stokes.

By now, you’ve no doubt heard of the Russian spy ring that was recently busted in the US, and you’ve also probably heard that they apparently weren’t very bright. The complaint filed in their case documents a litany of unprofessionalism and carelessness, from leaving written passwords out in the open to asking a federal agent posing as a fellow spy to troubleshoot a laptop without even bothering to check back with HQ to see if the "spy" was legit.

But as incompetent as these spies were, they were bright enough to at least partially outwit the large-scale e-mail snooping efforts of the NSA’s backbone taps and multibillion-dollar datacenters. How? By using steganography to encode secret text messages in image files, which they then placed on websites.

After searching one spy’s apartment, law enforcement agents found a computer and made a copy of its hard drive for later analysis. On the hard drive they found an address book containing website links, which the agents visited and downloaded images from.

The complaint notes that "these images appear wholly unremarkable to the naked eye. But these images (and others) have been analyzed using the Steganography Program. As a result of this analysis, some of the images have been revealed as containing readable text files."

The steganography program used to decode the images was also on one of the hard drives copied in the search; it was this hard drive which was password protected, and which the agents were able to unlock because the 27-character password was written down on a piece of paper and left lying out in the open on a desk. Clearly, the spies would have been better off with a much shorter password that could have been memorized versus a too-long one that they had to write down and keep nearby…
