Spycraft - Melton [261]
It is possible to conceal data digitally inside music or video files in ways that make them sound and appear to be unaltered. Audio files can conceal information by altering digital bits of the file that are inaudible to the human ear. Graphic images allow the redundant bits that make up the colors to be altered in a way that appears identical to the human eye.22 The secret messages are concealed within the bits of data. If someone does not have the original, or host file to serve as a comparison, the altered covert files with hidden messages can be very difficult to detect—especially so when combined with millions and millions of e-mails and file attachments that are sent daily over the Internet. Steganographic software uses an algorithm to embed data in a host image or sound file, and a password scheme for retrieving the information as illustrated in the graphic on page 454.23 Professional intelligence services may use advanced steganography programs to incorporate encryption programs for additional security in case the message should be discovered.24
Digital technology has also reformed the classic microdot technique of using tiny pieces of film less than 1 mm square to conceal a page of text. It is now possible to create and embed large quantities of digital information inside tiny e-mail electronic “dots.” Once created, “digital dots” can be concealed in a variety of unconventional methods that defy detection. Virtually any type of digital file can be modified to conceal information, rendering the counterintelligence task not one of finding a needle in one haystack, but rather that of searching millions of haystacks without even the aid of a magnet.
Dead drops were used extensively during the Cold War as hiding places for information and money exchanges between the spy and handler, but subjected both to the risk of exposure and arrest.25 Using the Internet, it becomes possible to create e-mail accounts to send and receive digital files and messages anonymously.
A secure digital dead drop e-mail account can be easily created from a personal laptop computer by anonymously signing up with an Internet service provider who offers a period of free access without requiring a credit card. From that newly created intermediate account, the user can log on to any similar service and create a second anonymous account to serve as the dead drop. Anyone can send digital files to the dead drop account and, with knowledge of the primary account password, content can be downloaded from anywhere in the world. To protect the security of the dead drop, users log on anonymously from the intermediate access account. America On Line and other Internet service providers also allow users to save an uncompleted e-mail or document onto the provider’s hard drive to be retrieved later. This feature lets conspirators possessing the primary account password communicate by retrieving and editing the stored document without ever sending it as an e-mail or attachment. Regardless of the techniques used, for greatest security, the hard drive of the laptop would be wiped after each Internet session.
The options for covert communications using digital technology appear endless and remain a persistent problem for counterintelligence. Intelligence services anonymously establish e-mail accounts under fictional individual or business names and use them to receive coded messages and digital files from sources. The e-mail addresses, similar to a postal accommodation address, have no public association with the intelligence service and if necessary can be only once and discarded. Use of such an account would not be for agents in high-risk countries, but offers a method of anonymous communication elsewhere. A simple e-mail to a “notional account” could mask a coded communication, which would be unbreakable