Trojan Horse (17 page)

Read Trojan Horse Online

Authors: Mark Russinovich

BOOK: Trojan Horse
10.06Mb size Format: txt, pdf, ePub

“Why would the Chinese care about a United Nations report on the Iranian nuclear program?” Daryl asked.

“My guess,” Frank said, “since we’re talking about Iran here, is that oil is the connection. China already has a well-developed nuclear weapons capability at a time when the mullahs are creating their own. Iran has lots of oil and China needs it.”

Jeff and Daryl often encountered Chinese penetrations when working for government agencies or government contractors. On occasion, they were able to trace the “call home” feature of the virus to a server located in China; far more often they did not.

Chinese cyber penetrations were noted for the extensive reconnaissance that preceded the actual penetration. Before making the effort they gathered as much information about the computer system and the people using it as they could. They determined what data would be available and which additional networks they could infect when access was accomplished. Once inside, they moved with incredible caution so as not to alert the IT team.

To this end valuable data was most often moved to e-mail servers, since they handle large volumes of data. There, the stolen files were renamed to avoid suspicion, then were compressed and encrypted before being exported. In one case such an attack had utilized eight computers at U.S. universities as drop boxes before transmitting the stolen data from them. They then distributed it to more than ten countries before it was finally funneled back to the highly secretive PLA Cyber Warfare Center.

A Pentagon report said that the Chinese military was making “steady progress” acquiring online-warfare techniques, believing that its computer skills could help compensate for its underdeveloped military. It was usually not possible to make that final connection to China but the sophistication of the cyber-attacks and the nature of the data stolen left only one possible conclusion in many cases. One such Chinese attack on the computers at Oak Ridge, Tennessee, for example, had successfully obtained nuclear development data. DOD weapons programs were routinely extended. In one penetration, between ten and twenty terabytes of classified and highly sensitive data was downloaded. Considering that the entire Library of Congress consisted of twelve terabytes, the loss was enormous.

For all that, the most disturbing penetration was the Chinese systematic mapping of the American electrical grid. They’d dropped software all over it and no one knew what it was meant to do, or when it would be called on to do it. No sooner was it located and removed or neutralized than fresh code took its place, often not discovered for months. In the event of a national emergency, the justified fear was that some computer tech in China would send a command and the entire United States power supply would cascade into darkness. It might take weeks, even months, to rebuild and there was no knowing what might happen while most of the U.S. national defenses were blacked out.

“So you’re suggesting,” Daryl said, “that Iran is giving China low-cost oil in exchange for nuclear weapons assistance. And this cyber operation is meant to advance Iran’s agenda?”

“It’s a theory at least, though one beyond our purview. Let’s see if we can link this thing back to the Reds. My report will pack more punch if we’ve actually made the connection.” He paused, then asked, “Do you have any idea how many computers are already infected there and in London?”

“No,” Jeff answered. “You should contact Graham Yates for that information, as well as whoever runs the show here. Go as high up as you can. The guy we talked to, Nikos Stefanidou, was noncommittal. We were just shown to the computer, which, by the way, they’d not even bothered to secure.”

Daryl spoke. “If they can alter an OW file, they can change data also. Think about it. A tweak here, an alteration there, in the middle of a voluminous report someone relies on. We were just lucky this one was discovered. Who knows how much other data they’ve modified already? Or where? And what modifications have been made to the software that runs our critical infrastructure by inserting a backdoor? If that happens we have . . .”

“Disaster,” Frank said, looking very weary. “You have disaster.”

19
 

GENEVA, SWITZERLAND

UNITED NATIONS OFFICE AT GENEVA (UNOG)

AVENUE DE LA PAIX

8:09 P.M. CET

 

J
eff yawned, glanced at his watch, and decided to call it quits. He was getting nowhere. He disconnected his laptop. Daryl was sitting across the room working independently on her laptop.

“Let’s call it a day,” Jeff said. “I think we wrap this up tomorrow. I haven’t found any more clues.” When she didn’t look up he said, “What are you doing?”

“Oil. Remember? Have you ever noticed how many reports on the Internet don’t have a date? It’s like they are written for a magazine or something with a date on the cover, and it never occurs to anyone that the article will exist forever on the Internet. Anyway, this report’s kind of old but it’s authoritative.”

“About what?”

She looked up. “China and oil, remember? Okay, here goes. This caught me by surprise—China is the second largest importer of oil in the world, after only you-know-who. Its economy grows at nearly 10 percent and its appetite for oil is all but insatiable, growing at 8 percent a year. You see, they decided to go with cars instead of sticking with mass transit.”

“Big mistake,” Jeff said. “Cars are a dead end.”

“Maybe, but you need an enormous infrastructure to support a thriving car industry and it is a quick way to provide jobs while giving the industrial base a huge boost. Plus, factories that produce cars can easily be converted to military needs.” She gave him a cockeyed smile. “Remember that crack about cars when you go shopping for one next month. I’ve seen you trolling the Web sites. Anyway, within twenty years they’ll have more cars than the U.S. and that same year they’ll be importing just as much oil as we do. So here’s the deal. They don’t have it. Want to guess where they get it from?”

“The Middle East?”

“No surprise, huh? And who is their biggest supplier?”

“Iran. Right?”

“You guessed, but yes, that’s right. They signed a deal saying if Iran would give them lots of oil, China would block any American effort to get the United Nations Security Council to do anything significant about its nuclear program. They’ve been doing a lot of deals with each other ever since.”

He slipped his computer into his bag. “That explains a lot.”

“Oh yeah, these two countries are very cozy indeed. Anyway, China gets most of its oil from Iran. And they don’t just need oil—they need
cheap
oil because they sell the least expensive gasoline in the world. I think that’s to keep everybody happy driving all those new cars.”

“Let’s go. I’m hungry.”

Daryl closed her laptop and picked up her jacket. As she walked out with Jeff, she said, “China’s also been helping with pipelines throughout the Middle East, selling weapons and dual purpose technology. They aren’t just banking on Iran. The consequences for Saudi Arabia are a change in reality for them—and us. It got all its intermediate range ballistic missiles from China and I’ll bet you didn’t even know that Saudi Arabia
had
missiles, did you?”

“I guess not.” Jeff nodded to the guards as they exited the building. As instructed, one promptly sent a text to Henri Wille to let him know they’d left.

It was a lovely night outside and Jeff paused to take in the invigorating air coming down from the Alps. The sky was clear and Lake Geneva twinkled with reflecting stars. “Look at that,” he said, stopping a moment to take it in.

“Wow, very nice.” She took his arm and cuddled. “Let’s hang out here a few days before leaving for Italy, okay?”

“Sure, after we’ve written the detection program for Whitehall and UNOG. They’ll need to repave after this.”

As they took the long broad pathway leading to the road, Daryl continued. “The analysis is that if—when—Iran gets the bomb, Saudi Arabia will be compelled to call in its chits from Pakistan. Apparently they financed Pakistan’s nuclear program with that understanding. That was pretty clever. Saudi Arabia can say it doesn’t have a nuclear program but when the time comes to get bombs and the technology to support them, they just get it all from Pakistan. At the same time, China will sell Saudi Arabia ICBMs, the big boys. They will make the Middle East entirely nuclear. The very idea has everyone on edge.”

“Then they should do something about the Iranian nuclear program instead of just talking about it.”

They left the park surrounding the palace and stepped onto the sidewalk on the Avenue de la Paix. Their hotel was five minutes away.

Jeff glanced at a man talking on his cell phone, obviously waiting for a ride. Daryl cracked a joke and they laughed.

Just down the street a white Volkswagen Crafter crept slowly toward them.

 

It had been a very long wait. Morning had become midday then afternoon. There’d been a short rain around three o’clock. The men used empty water bottles in the rear of the van to relieve themselves. At one point Ahmed had taken a chance and sent Karim off for food and something to drink. Allah had been with them, according to Ali, and nothing had taken place during his absence. While he was gone Ahmed had moved the car’s location in the parking area, knowing an occupied vehicle would inevitably attract notice. Still, he decided not to risk it again as that itself might draw attention.

During the rain he’d rebriefed the men, reminding them that the guns were only to be used against the target—no one else—and then only as a last resort. His orders had been quite specific. Iranian agents would have to operate in Switzerland in the future and it was important they not be seen as a threat against the local police and citizenry.

Ahmed wished this were all taking place in Prague, a city he knew intimately. He understood what he had to do, where he was to go, and how to get there, but if anything went awry he would be forced to improvise. In the crowded streets of a busy unfamiliar city, he would almost certainly be caught.

He did not fear prison. Prison would be acceptable, if necessary. In time, his people would find a way to get him out. They always did. No, what he feared most of all was failure. He’d rather be killed today than face that.

Ahmed Hossein al-Rashid, as he appeared on his passport, was born Ebrahim Abadi, though that was a name he used only in Iran. He was the son of a wealthy Iranian family whose money predated the fall of the Shah. As a consequence, his father had become a zealous supporter of the Ayatollah during the revolution once the outcome was apparent. Ahmed had joined the Iranian army just after completing his schooling. There he’d excelled. He’d been trained in special operations and counterintelligence. He’d been rapidly promoted to captain and assigned to the Iranian intelligence service known as VEVAK, where his training had been expanded to include torture. VEVAK’s mandate was far-reaching, both domestically and internationally, and of all such Iranian operations it was the best funded and most professionally run.

Ahmed had done well since his assignment to Prague and recently had been promoted to major. His career choice often caused him to wonder if he’d ever return home, marry, and have a son. His father had asked him about that the last time they’d met and he’d promised that there was plenty of time for children, though he knew that was a lie.

Ahmed was ambitious and believed in a greater Iran. If he was not inwardly the zealot the mullahs wanted, he masked it carefully with a proper showing of devotion. At heart he was secular. He wondered if Hamid knew; he suspected he did. From what Ahmed had seen, most of the senior operatives in Europe were men like himself. The zealots were assigned the active roles in the missions.

The fact that he’d been ordered into the field along with Ali and Karim, his two best operatives, told him the value placed on this mission. It was an honor to be selected and he did not doubt that success would be rewarded, just as failure would be punished.

His first foreign posting had been to Prague. What he heard from Iran since coming to Europe troubled him. The mullahs were as corrupt as the Shah, and there was vicious, even deadly, infighting within the regime. There was no doubt the regime had lost the confidence of the people; that was obvious to anyone who cared to know. Another revolution was always a possibility. The mullahs, he believed, had squandered their chance.

Though he maintained a low profile and scrupulously preserved his cover as a student, about once a month Ahmed traveled to meet with his senior operatives, to dispense cash, to deliver instructions orally, and to learn how each network was progressing. He also served as a conduit for information he acquired through the Internet and forwarded to Iran by mule. For that he’d recruited Saliha. The trips kept him alert. His biggest challenge had been to be in constant readiness for when an operation came to him.

Ahmed glanced out the open window as he lit another cigarette. He was tired of waiting but he’d waited before. He’d learned through experience not to become impatient. Few operations actually came off and when they did they rarely developed as planned. That was the nature of his calling.

The men took turns waiting near the main entrance that ran through the park to the building. From there they could clearly see the exit. Throughout the day Ahmed had received periodic text messages informing him that the target was still at work inside. Then he was alerted that work had stopped. Perhaps he was taking a meal, or he might just be finished for the day. It was dark, and the building had long since emptied of employees.

Other books

Convictions by Judith Silverthorne
Who Killed My Husband? by Sheila Rose
Baffle by Viola Grace
The Thin Man by Dashiell Hammett
Termination Orders by Leo J. Maloney
Armed by Elaine Macko