In organisational cybersecurity, a popular data leak detection method is to send each recipient an email with unique spacing or wording in the content and see which version ends up being published. Although effective, this method relies on obvious markers that can be identified quickly or that risk being lost in the process.

We once developed a more surreptitious means of steganographic leak identification based on an old card trick.

It was never detected when used, and even if you know it, you won’t be able to detect it without being extremely paranoid.

All it requires is 2 messages per user and a matrix. 

  1. Create a recipient list of n² employees. Choose the n whose square comes closest to the number of people you want to include in the scan.
  2. Create an n x n grid matrix.
  3. Populate the grid with recipients, preferably departments per column.
  4. Send a message that is unique per column so that people in the same group/department have the exact same message.
  5. Rotate the grid data 90°, bringing the columns into rows.
  6. For a second time, send a message that is unique per column. This works best in matrix organisations where employees have 2 or more managers.
  7. Overlay the 2 grids and use the leaked data (with indicators from both messages) to pinpoint the user that received both permutations.
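
| Msg 1A | Msg 1B | Msg 1C |
|--------|--------|--------|
| A      | B      | C      |
| D      | E      | F      |
| G      | H      | I      |

Matrix 1

| Msg 2A | Msg 2B | Msg 2C |
|--------|--------|--------|
| A      | D      | G      |
| B      | E      | H      |
| C      | F      | I      |

Matrix 2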
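
The seven steps above, as an added Python sketch (not code from the original post): it builds both send plans and intersects them to name the recipient, and it also returns the remaining candidates when only one of the two markers survives in the leaked copy. It assumes the grid is filled row by row, pads empty cells when the head count is not a perfect square, and reuses the tables' `1A`/`2A` labels; all function names are hypothetical.

```python
import math
import string

def build_grid(recipients):
    """Fill the smallest n x n grid that fits everyone, row by row; pad with None."""
    n = math.isqrt(max(len(recipients) - 1, 0)) + 1
    if n > len(string.ascii_uppercase):
        raise ValueError("letter labels only cover n <= 26")
    cells = list(recipients) + [None] * (n * n - len(recipients))
    return [cells[r * n:(r + 1) * n] for r in range(n)]

def rotate(grid):
    """Step 5 as drawn in Matrix 2: rows of the first grid become columns."""
    return [list(col) for col in zip(*grid)]

def send_plan(grid, round_no):
    """Map each message variant (one per column) to the recipients who get it."""
    plan = {}
    for c, column in enumerate(zip(*grid)):
        label = f"{round_no}{string.ascii_uppercase[c]}"
        plan[label] = [name for name in column if name is not None]
    return plan

def candidates(grid, variant_1=None, variant_2=None):
    """Step 7: intersect the recipient sets of whichever variants the leak exposed."""
    pool = {name for row in grid for name in row if name is not None}
    if variant_1 is not None:
        pool &= set(send_plan(grid, 1)[variant_1])
    if variant_2 is not None:
        pool &= set(send_plan(rotate(grid), 2)[variant_2])
    return sorted(pool)

if __name__ == "__main__":
    staff = list("ABCDEFGHI")  # constructed sample: the nine recipients from the tables
    grid = build_grid(staff)
    print(send_plan(grid, 1))               # who receives Msg 1A / 1B / 1C
    print(send_plan(rotate(grid), 2))       # who receives Msg 2A / 2B / 2C
    print(candidates(grid, "1B", "2C"))     # both markers recovered from the leak
    print(candidates(grid, variant_1="1B")) # second marker lost: one column remains
```
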

This two grid system can be used systematically over longer periods of time to cover employee turnover.

This is all fine for detecting leaks after they happen, but what if you want to detect something before it happens, or want to detect a more sophisticated or dormant threat? 

Hybrid attacks, a future risk of sabotage, hacking or industrial espionage? 

For this we use the Four Color Theorem to group assets, add scope of influence as a dimension, and simulate bespoke crafted events that allow indicators of future risks to emerge by example.

To learn more, get in touch.


Tanin Ehrami

Tanin is a seasoned strategic consultant with over two decades of experience in development, analysis, architecture, management, financial services, and regulatory compliance risk. In 2020, he founded PSYBER to consult with professional services firms, governing bodies, brands, private equity investors, and risk and compliance professionals on issues related to cognitive security, AI ethics, digital transformations, agile governance, enterprise architecture, risk, and compliance. Tanin is an expert in his field and is available to provide consulting services on a range of topics.