Definitely. Encryption only tries to obscure the meaning of a message or data, not its actual existence. This means encrypted data or messages can be relatively easy to find, but still difficult to crack. One of the main problems with encrypted messages is that it is easy to detect when encrypted communication occurs. Today's secure protocols, such as S/MIME, need to flag their presence so that programs like your e-mail client know what sort of data is being sent and can handle it correctly. Firewalls that filter network traffic can scan for encrypted messages by looking at the file's identification code.
Because encrypted data is easy to detect, people have tried to conceal when communication is taking place by hiding the existence of the message or data. To achieve this, they rely on steganography. A steganographic message is often first encrypted and then a "covertext," such as a picture or document, is modified in some way to include the encrypted message, resulting in stegotext. Nowadays, a popular steganographic method buries data in the mass of pixels in digital video and audio images. This poses serious problems for law enforcement authorities because steganographic data is hidden within seemingly innocuous files and doesn't trigger surveillance and monitoring systems. To combat this, statistical techniques are used to detect media that has been modified. Because the covertext has to be modified to store the hidden data there, are usually detectable signs within the covertext's normal characteristics that can be used to reveal the hidden message. This detection of steganographically-encoded data is called "steganalysis."
Dig Deeper on Email and Messaging Threats-Information Security Threats
Related Q&A from Michael Cobb
Pirated software is still a major concern nowadays. Uncover how to prevent software piracy and protect your organization's intellectual property. Continue Reading
Shellcode is a set of instructions that executes a command in software to take control of or exploit a compromised machine. Read up on the malware ... Continue Reading
The popular port scan is a hacking tool that enables attackers to gather information about how corporate networks operate. Learn how to detect and ... Continue Reading