Small Business Attack – Steganography
- At September 02, 2009
- By Josh More
- In Business Security
Steganography is talked about a lot in the security field, but not much outside of it. Though there are many forms of varying complexity, at its core all you need to know is that steganography involves hiding data inside of other data. It is commonly used with pictures, but it can be applied to pretty much any file. Any file that you may need to use in your business could be used as a conduit for other data.
Take, for example, this photo, which is on your website (maybe you sell bone adhesives, I don’t know):
Suppose that you had some top secret data that you wanted to hide (clearly highly confidential):
An attacker could use one of many tools to embed the highly confidential image within the safe one, and most people would be none the wiser. For example:

(For the technically inclined, I used stegotools and the last 2 bits to hide the image. Try it out if you like.)
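What "the last 2 bits" means in practice, as an added Python example (not from the original post and not stegotools' own code): each byte of hidden data is spread across the low 2 bits of four cover samples, so no sample changes by more than 3 out of 255. The buffer, the secret string and all function names are constructed for illustration.

```python
import hashlib

BITS = 2                       # low bits overwritten per sample, as in the post
MASK = (1 << BITS) - 1         # 0b11
PER_BYTE = 8 // BITS           # cover samples needed to carry one hidden byte

def embed(cover: bytes, secret: bytes) -> bytes:
    """Overwrite the low 2 bits of successive cover samples with the secret."""
    if len(secret) * PER_BYTE > len(cover):
        raise ValueError("secret exceeds capacity of len(cover) // 4 bytes")
    out = bytearray(cover)
    for i, byte in enumerate(secret):
        for j in range(PER_BYTE):
            pair = (byte >> (8 - BITS * (j + 1))) & MASK   # high pair first
            k = i * PER_BYTE + j
            out[k] = (out[k] & ~MASK & 0xFF) | pair
    return bytes(out)

def extract(stego: bytes, length: int) -> bytes:
    """Reassemble `length` hidden bytes from the low 2 bits of each sample."""
    if length * PER_BYTE > len(stego):
        raise ValueError("length exceeds what this buffer can carry")
    out = bytearray()
    for i in range(length):
        byte = 0
        for j in range(PER_BYTE):
            byte = (byte << BITS) | (stego[i * PER_BYTE + j] & MASK)
        out.append(byte)
    return bytes(out)

def max_sample_change(a: bytes, b: bytes) -> int:
    """Largest per-sample difference; at most 3 out of 255 for 2-bit embedding."""
    return max(abs(x - y) for x, y in zip(a, b))

def matches_original(original: bytes, candidate: bytes) -> bool:
    """Defender's check: does a file still hash to the copy you published?"""
    return hashlib.sha256(original).digest() == hashlib.sha256(candidate).digest()

# Constructed sample data: a stand-in for raw pixel samples and a fake secret.
COVER = bytes((x * 7 + 13) % 256 for x in range(4096))
SECRET = b"CONFIDENTIAL: constructed sample payload"
STEGO = embed(COVER, SECRET)

if __name__ == "__main__":
    print("recovered:", extract(STEGO, len(SECRET)))
    print("max change per sample:", max_sample_change(COVER, STEGO))
    print("still matches published original:", matches_original(COVER, STEGO))
```

The change is too small to see, but a hash comparison against the file you actually published shows that the copy has been altered.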
It’s important to realize that this example is highly contrived. In the real world, attackers can use any file at all and any transport mechanism:
- Logos on a web site
- Press releases emailed out
- Financial documents on CD
If you have any confidential data at all, and any way of communicating with the public, the data can be leaked. How can you protect yourself?
(A thank you goes out to kordite and The Metro Library and Archive for making their images available under the Creative Commons, and allowing me to make some really bad puns.)
Security Lessons from Nature – Prairie Dogs
- At September 01, 2009
- By Josh More
- In Natural History
It must have been quite the surprise as American settlers moved westward and encountered their first prairie dog town. As they traveled, they would have seen first one strange little rodent, then another, then a few more, then maybe thousands. They would have observed that the animals live in a large subterranean community and work together to protect the colony. Lewis and Clark themselves observed that they could pour five barrels of water into a hole without filling it.
While this may seem somewhat cruel by modern standards, one has to note that it’s not like prairie dog colonies never encounter rain. In fact, that’s the point of today’s post. Prairie dogs work together to build a massive underground complex. They will raise their children below ground and forage for food above ground. Over the millions of years that they have been honing this system, they have learned to maximize their security infrastructure.
In the prairie dog’s world, there are many threats. For a subterranean colony, the threat of rain is pretty significant. If insufficiently reinforced, the tunnels could collapse and crush the little critters. If improperly designed, water could flow into the nursery areas and drown the pups. Simply being underground protects the prairie dogs against predators like hawks and coyotes. However, other predators like snakes and weasels have managed to adapt. To defend against incursions from predators such as these, the colonies have a very complex array of tunnels that only the prairie dogs know how to navigate. (Though this has proven less effective against some.) Prairie dogs supplement their security with a complex warning system of alarm calls where the sentries will stand on a high outlook and issue a shrill “eep” when danger approaches.
So, while all of this is useful if you happen to be one of many communal rodents, what does it mean for those of us who happen to work in the business world instead? The first thing to remember is that infrastructure planning is important. Consider building in excess capacity. Your network may be able to handle ordinary traffic, but could it handle the torrential downpour of traffic that would result from sudden Internet popularity? That said, it’s important to realize that not even prairie dogs built infinite capacity. They withstood the attempted denial of service attack by Lewis and Clark, but they wouldn’t have survived a distributed attack by thousands of Lewises and Clarkses (sorry). So, while capacity planning is important, it’s not everything… your infrastructure also has to be adaptable.
Instead, it would be wise to build a slight excess of capacity to handle the peaks of usage and then invest in some sentries. Just as prairie dogs monitor for specific dangers and issue alarms for birds of prey, snakes and canines (and, at the zoo, monorails), you could monitor your network for malware, DDoS attacks and internal intrusions.
I would, however, recommend that the alarms not involve standing atop your building and “eep”ing. Email or SNMP might make better sense.


