Steganography explained: Meaning, types, and examples
Steganography is a word for the old art of hiding secrets in plain sight. As communication has changed, so have the methods for hiding it. Discover the tool used by spies, government agencies, and other mysterious individuals.
Table of Contents
Table of Contents
What is steganography?
Steganography is a technique used to hide information in digital media files and even physical objects. Various organizations, hackers, and even governments use this method to hide data in plain sight. Modern steganographic techniques make it possible to hide virtually any type of digital data: images, audio, text, or video. Secret information can travel through networks in innocuous files and then be extracted at the destination.
Steganography is a centuries-old tradition. In the past, people wrote their secret messages in invisible ink between visible lines to avoid suspicion, or they hid information in Morse code on spools of yarn. Today, information and the way it is hidden is often digitized. Therefore, digital steganography has replaced old techniques and continues to be commonly used. In cybersecurity, steganography plays an important role, allowing stronger data protection.
How does steganography work?
Stenography is meant to hide information in a way that avoids suspicion. Therefore, modern steganography techniques focus on embedding data in innocuous files so that they can pass through networks without unwanted parties discovering their hidden meaning.
Several techniques are used in data hiding. It all depends on what you want to hide and where. Various programs – many of them free – allow anyone to conceal data in media files. Steganography is used by security experts, spies and hackers as well as by artists, for example, because it allows them to place hidden watermarks on their artwork and detect illegal copying.
Below are some of the most popular steganography techniques used in various areas.
Main steganography techniques
Many ways have been developed to hide information in plain sight, and some of them include:
- Least significant bit (LSB) steganography LSB steganography is the most widely used technique for data hiding. It involves converting each least significant bit of data into a bit of a secret message translated into binary code so that when all these bits are put together, a message is formed. It works well with image files because it is easy to modify binary pixel values without visibly changing the image. The same method can be applied to audio and video files. Data hidden in the least significant parts of the files may contain information, but it doesn’t change the way people see or hear the media.
- Word and letter substitution. This method of steganography is probably familiar to you – you may have used it as a child to pass secret messages to friends. It involves letter (or word) substitution. In this technique, the hidden text can be recovered after replacing some letters with others.
- Network steganography. In network steganography, information can be hidden not in the file or message itself, but in the protocol used by the network to communicate. For example, data can be embedded in the TCP/IP headers, which typically contain the information needed for a data packet to reach its destination.
How do hackers use steganography?
Hackers also use steganography to hide malicious code in seemingly innocent files. The code can run on its own or, in more sophisticated attacks, trigger the download process for common types of malware from an internet source without the user knowing.
Everything needed to download and run the malicious files can be hidden in images, videos, audio files, or work-related documents, such as Word or Excel files with macro support.
What are the 5 types of steganography?
The five main types of steganography differ in the type of media used. For each are various steganographic techniques. Messages can be hidden in countless ways, and you are only limited by your imagination and technology, which continuously develops.
Image steganography
Image steganography is a way of hiding data in an image so that the image remains almost the same, but secret data can be extracted from it. A person can achieve this effect in various ways. One is to change the image’s pixel values using the least significant bit technique.
In the red-green-blue (RGB) system, which is commonly used to represent colors in electronic systems, the color of each pixel is described by values that represent the proportions of red, green, and blue. For example, the color described in binary as 11111111, 11111111, 00000000 is bright yellow. Changing these numbers would allow you to embed a message in the image’s pixel color values.
For example, you could swap the last digit of each number in a certain way – then someone who knows what to look for would be able to extract the message. At the same time, the color changes would be invisible to the human eye, and no one would suspect that the image contained hidden information.
Hiding and receiving secret messages in image files is accessible thanks to programs available for download, such as OpenStego, which allows data to be hidden in “cover” files.
Audio steganography
Audio steganography is more difficult than image steganography but still possible. Digital audio uses binary code, just like images and other files, so it’s possible to modify it in a way that allows a message to be hidden.
The principle remains the same as in image steganography: The person hiding the message changes the audio values of the files in a certain way to embed a message, but the changes are so minimal that they would be impossible to hear.
One of the more fun examples of audio steganography is backmasking – hiding a message in an audio file so that it becomes intelligible when played in reverse. Music artists sometimes use this method to engage their fans and inspire a sense of mystery around their songs.
Other ways to hide messages in audio files include echo hiding, which includes short inaudible echo signals following “host” signals, or utilizing silence intervals to encode data.
Video steganography
Video steganography is similar to image steganography but allows much more data to be hidden. Videos are essentially frames that are displayed in rapid succession. Each frame is a separate image that can hide a message through various image steganography methods. These images can then be recombined to create a video containing a separate message in each frame.
Text steganography
Text steganography is one of the oldest methods of steganography – when people invented writing, they also invented hiding information in their written messages. Text steganography techniques can range from simple and manually decipherable to more complex.
One example of text steganography is letter substitution. Some letters can be replaced with other letters, and once substituted back, the secret message can be revealed. However, this method has a drawback: A “cover” message with substituted letters can look scrambled and strange, which strongly suggests something hiding underneath.
Messages can be hidden in the text through letter size, spacing, or other difficult-to-notice characteristics so that only the person who knows they are there can read them.
Network steganography
Network steganography hides data using popular communication protocols instead of the files and messages themselves. For example, the TCP/IP header contains information that allows data packets to reach their destination, but it can be slightly modified to contain hidden data.
Network steganography holds promise for network security and cybersecurity experts but can also potentially be exploited by malicious actors.
Examples of steganography in cyberattacks
Steganography plays a key role in cybersecurity. It allows for stronger data protection measures, but criminals use it, too. As a result, security experts need to keep up with their methods.
Here are some notable cyberattacks that used steganography:
- In 2020, ecommerce security firm Sansec published a report saying it had found skimming malware on various checkout pages. Such malware is designed to skim credit cards and extract other user data from websites, and in this case, it was hidden in visual elements in SVG format. Because the elements looked perfectly fine, scanners were unable to detect that they were malicious.
- In 2022, cybersec firm Proofpoint revealed a report detailing new malicious activity that affected French construction, real estate, and government entities. The attacker used steganography to hide a malicious script inside an image in a Word document, which pretended to be information related to GDPR rules. The script triggered the download of a backdoor, which then installed itself on the victim’s device.
- In 2023, several cybersecurity news outlets informed their readers about a North Korean cyber espionage hacking group called RedEyes, which used phishing and steganography to spread malware that targeted vulnerabilities in the popular Internet Explorer browser. The attack chain started with a phishing email that contained a malicious attachment that, when downloaded, triggered the download of a JPEG file with hidden malicious code.
Differences between steganography and cryptography
The words steganography and cryptography sound somewhat similar because they’re both related to protecting information from third-party access, but they’re not the same. Here are the main differences:
Steganography | Cryptography |
---|---|
Doesn’t use keys; information is hidden in plain sight. | Uses cryptographic keys for the encryption and decryption of information. |
Strives to hide the existence of a message, not the message itself. | Strives to hide the meaning of information, not its existence. |
It doesn’t usually change the structure of data. | Changes the structure of data. |
The goal is to hide information from those who don’t know what to look for. | The goal is to make information unreadable even to those who can access it but don’t have the key. |
Both cryptography and steganography are used in cybersecurity, often together, providing stronger security measures through different mechanisms.
Want to read more like this?
Get the latest news and tips from NordVPN.