Zero Day: A Novel (7 page)

Read Zero Day: A Novel Online

Authors: Mark Russinovich,Howard Schmidt

Tags: #Cyberterrorism, #Men's Adventure, #Technological.; Bisacsh, #Thrillers.; Bisacsh, #Suspense, #Technological, #Thrillers, #Suspense Fiction, #Fiction, #Espionage

BOOK: Zero Day: A Novel
12.41Mb size Format: txt, pdf, ePub

“I hadn’t considered that.” Sue shifted in her chair and pointed at Jeff’s computer screen.“But you think this is Russian.”

“I can’t really put my finger on it. I’ve been able to read some of the code, and it’s just got a Russian feel to it.”

“Maybe somebody copied some Russian code.”

“Could be, could be. But like I said, the Russians have lots of computer-savvy people, and they lease themselves out to criminal groups.”

“You think something like that happened to us?”

“I can’t say at this point. I see sophisticated along with sloppy work. The virus might have been after your data or bank records, but something went wrong because the code was carelessly written.”

“So you think this is about our financial data?”

Jeff grinned. “I don’t know. I’m just speculating here. It might also be an attack meant to create the destruction it’s causing, or something gone awry. It’s possible it steals information, sends it out, then destroys itself to cover its tracks. I just don’t know enough yet.”

Harold was long gone and no one was working in the outside offices. The building was quiet, almost as if it were asleep. “Let’s get some more coffee,” Sue said. In the break room she emptied the coffee machine, rinsed out the pot, filled it with bottled water, opened a container of coffee, and placed it into a new filter. She turned the machine on, then leaned back against the counter to wait. “So you still play video games,” she said with an amused look.

Jeff smiled. “My secret vice. Actually, it’s all related. At least that’s what I tell myself. I prefer online first-person shooting scenarios. It’s how I deal with stress and it’s something I can do anywhere. I also like brainteasers.”

“That’s where your work comes in.”

“Right. I hate to lose. I’ll stick with a virus until I have it figured out, no matter how long it takes.”

Sue arched an eyebrow. “That must get expensive for the client.”

He shook his head. “No, there’s a point beyond which it makes no sense to keep billing. After I’ve fixed the problem, though, I’ll take the virus home and work on it there until I’ve got it.” He met her eyes. “How long have you been here?”

Sue gave him her nonoffice smile. “Just over four years.” Pouring them each a fresh cup of strong coffee, she motioned to Jeff to sit down at the well-used table. Placing his coffee in front of him, she seated herself, took a sip, and sighed with satisfaction before continuing, “I’m from northern California, went to UC Berkeley for computer science. I worked at Microsoft, then took a job in San Francisco before moving here. I’ve worked at Cohen ever since. Until Saturday, it was a good job. Greene’s a pain sometimes, but as long as the system works, he leaves us alone, and Harold has no life away from work. Sadly, that makes two of us. And so you don’t have to ask, my dad’s white and my mom is third-generation San Francisco Chinese. Big scandal in the family. What about you?”

“I’m from Philly originally. I majored in math, enjoyed computer science, so went to the University of Michigan for my Ph.D.”

Sue flashed that friendly smile again. “I have to say, Jeff, you certainly don’t look like a computer geek.”

He laughed. “Genetics, mostly, though I played rugby in college and football in high school.”

“Then what?”

“I taught at Carnegie Mellon, but like almost everybody who isn’t a suck-up, it became clear I wouldn’t get tenure. I went to work for the Cyber Security Division at the CIA, in 1998.”

Sue lit up. “A spook, huh?”

“Hardly,” Jeff said, eager to discourage any romantic notions about his CIA work. “I worked in a crummy office just like yours, only buried in the basement at Langley. Technically I was head of a three-man team called the Cyberterrorism Unit, but my two assistants were always off doing standard IT work for the division.”

“What’d they have you doing, or can’t you say?”

“No, I can talk about my duties, within reason,” Jeff said. “The only danger is I’d bore you to death.”

“I’m listening.”

“Trust me, it wasn’t glamorous.” He filled her in on his years at the Company, telling her he’d held no illusions when he was recruited for the position. “Government work is government work. But I figured it couldn’t possibly be worse than academia. I was wrong.”

Though the threat to the Internet was real enough, at that time it was considered to be largely abstract. The Company budget was allocated primarily to the traditional physical threats. When it came to computers and the Internet, the threat was generally perceived as the possible physical destruction of facilities.

As their primary mission, Jeff and his truncated team worked on recovering data from computers seized from suspects and known terrorists. But they were also responsible for tracking the use of the Internet for terrorist activities and for potential threats.

During the years of his employment, as the Internet grew and spread its tentacles into every aspect of American life and the world community, the potential for a cyber-terrorist attack rose exponentially. The safety of the Internet, and of those computers connected to it, was dependent solely on the security of each individual computer that formed part of the network.

Jeff had certainly seen the threat. He had reasoned that as more government agencies conducted both external and internal business through the Internet, as more banks came online, as nuclear power plants continued linking to one another, and as the U.S. military came to increasingly rely on the Internet and computers to conduct its operations, his unit would receive greater resources and command more attention. He’d been wrong.

The irony was that the Internet had originally been developed as a national security system. In the 1960s, the Department of Defense had been concerned about the vulnerability of its mainframe computers—back in the days when all computers were mainframes—and of its increasingly computer-linked communications system. Several well-placed ICBMs, or even one at a critical point, could potentially cripple America’s ability to defend itself. The air force was especially concerned about maintaining real-time control over its nuclear missiles.

What then emerged was a government-funded system of interconnected computer redundancy. The idea was that even if several computer hubs at key installations were nuked, the system, the actual Internet, would reroute itself around them. In theory, like the multiheaded Hydra of Greek mythology, it would be impossible to defeat. It might be slow, it might electronically hiccup, but the system would function. Jeff wasn’t so sure. The designers had only considered outside threats. They’d never contemplated the ultimate digital universe they’d created, or that the real threat to the Internet might well come from within.

Although the Internet had proven itself enormously popular with the worldwide community and had become increasingly vital to the lives of individuals and the welfare of Fortune 500 companies, interest in safeguarding it wasn’t as high as it ought to be. Jeff was convinced that it would take a significant failure of the system or a coordinated cyber-attack to awaken everyone. Just as it had been impossible to put the United States on a proper war footing before Pearl Harbor, the same fate seemed to await the future of Internet security. No one liked being Cassandra, but he’d found himself playing that role, seen as an alarmist while his warnings were ignored.

Jeff dragged his thoughts back to the present. “Though my primary concern was cyber-security, I knew the Internet could be used to organize and coordinate terrorist attacks,” he told Sue, taking up where he’d left off. “I wore out my welcome arguing for resources. I finally decided that only a seriously mounted terrorist attack against us with significant damage against a target that mattered was going to shake the lethargy of the intelligence community.”

“I guess we got that on 9/11, didn’t we?” Jeff seemed to wince, and for a moment Sue feared she’d misspoken.

After a pause he said, “You’d think so, but I’m still not sure they got the point.”

Sue freshened their coffee and pushed the container of skim milk closer to Jeff. “Go on,” she encouraged.

Jeff prepared his coffee as he continued, “In those days I spent a lot of nights trolling hacker chat rooms looking for signs of a plot.”

“Not much of a social life.”

Jeff smiled. “No. Probably about as active as yours.”

“I might surprise you.” She pointed her raised cup toward him. “But finish the story. I’m waiting for the part about bosses not listening.”

Jeff looked away. How much did he really want to say? He’d avoided the subject until now. But maybe it would be good to talk about it.

First he told her how for most of 2001, he and his team, when available, worked to retrieve information from the hard-drive disks sent to him. Seized from various terrorists or terrorist suspects by a wide range of agencies throughout the world, the disks, or copies of them, had ended up in the hands of the CIA. If British SAS captured an IRA suspect, the hard drive from his computer, or its clone, would at some point find its way to Jeff’s desk. It was the same for the Mossad. Even the CIA’s own meager foreign-agent force produced disks from time to time.

As is generally the case in intelligence, the individual bits of data he produced from these sources by themselves meant little. Once he plucked them from the disks, though, they were fed into a master program by his unit, where they might, or might not, assume their proper place in the database about the terrorist world. He never knew. In fact, he had no idea if anyone was routinely consulting the growing body of data his unit was compiling on the operations of various worldwide terror groups.

“So what happened?” Sue asked. Jeff saw how eager she was and wondered for a moment how she’d react to the whole story.

“I really can’t go into it. Let’s just say, my boss and I had a disagreement, and I left.”

“There’s a story there you’ll have to trust me with sometime,” she said mischievously. “Is that when you started your own company?”

“Yes,” Jeff said, glad to change the subject. “Turns out all those contacts I made with the Company were good for something. It’s been a bigger success than I ever expected. One job after another. So no complaints there.” He sipped his coffee and turned to the problem at hand. “Let’s get back to you. The bad news is that your records, financial as well as work product, are all but a total loss from what I can see. I keep holding out hope they’ll turn up somewhere, but I don’t think so.”

“Is there anything you can do for us?” She looked hopeful and he hated having to disappoint her.

“I’m trying to identify the virus sufficiently so that we can be certain it’s not in your nightly or weekly backup. With that information we can determine if they’re clean.” He held up a hand of caution at seeing her become crestfallen. “I haven’t found a hint of when you picked this up, so I can’t tell from the time frame which, if any, of your backups are clean. It could have been lurking in there a very long time.”

Sue bit her lower lip. “I was afraid that might be the case.” She thought a moment, then gave him a wan smile. “So the worst-case scenario is that our current computers are fried. Useless. Whether or not we can recover the data from the backups, I’ll still have to install a brand-new system. It will kill me.” She made a face at the very thought of it. “It’s going to take weeks to physically put everything in place, then load and link the software, then at least a month to get all the bugs out. And we have to know how to find this virus before I can activate it with our old data so that someone doesn’t inadvertently reintroduce it. I don’t even want to think about that.” She looked into his eyes. “Save me from it all, will you? I’ll be very grateful.” She drained her coffee, then yawned. “Have you noticed these marathon sessions are getting tougher and tougher, the older you get?”

“Give me a break, Sue. You’re a kid compared to me.”

Sue smiled. “It’s been good talking, though. If I get canned, I might come looking for a job.”

“It won’t come to that, I’m sure,” he said, though it wouldn’t surprise him if she ended up being the scapegoat. It wouldn’t be the first time he’d seen that happen.

“I might come looking anyway.” With that, she gave him a warm smile and left for the IT Center, her short hair bouncing, lean hips swinging.

*   *   *

Back at the office a bit later, Jeff asked if she’d found anything useful.

“Almost nothing.” She grimaced. “I examined the logs. As I’m sure you know, we’re hit thousands of times a day by malware looking for a vulnerability. Some of it’s generated by a living hacker, but most are by automated worms, trolling the Internet. It was a bit daunting, realizing how under assault we constantly are, but I didn’t see any failure in our protection. This obviously got through, but I can’t see when or how. Wish I could be more help.”

“And Harold?”

“I’ve had him reimaging the lawyer workstations and laptop systems in the office with clean system installs of the operating system and necessary applications. He’s also checking the e-mail archives and database for signs of tampering.” She yawned, covering her mouth with the back of a hand. “Last, but not least, I’ve got him screening all the complaint calls we’re getting from associates. They don’t pay me enough to do that.”

She hesitated as if considering something, then said, “I’ve been meaning to mention a string I came across in your printouts, but you were awfully busy. I don’t think it’s anything important, but look at this.” Jeff leaned over and read:

Sh3 w!ll n3v3r 13t ur sp!r!tz d0wn

Sh3s a v#ry k!nk! g!r7

Jeff realized he’d missed the text in his earlier scan. Sometimes the clues to a cracker were in the ego parts, those sections of code about himself he couldn’t resist inserting. “I never saw that. What is it?”

“Don’t laugh, but I think it’s leet-speak,” she said, straightening up.

Leet-speak
was hacker language. Malware authors often left their calling cards in their code, even if it was only for them and other hackers to see. Since this one was originally encrypted, it was obviously not meant for the eyes of security investigators.

Other books

Tribe (Tribe 1) by Audrina Cole
Perfect Collision by Lina Andersson
The Truth About Love by Josephine Hart
Matricide at St. Martha's by Ruth Dudley Edwards
DIVA by Susan Fleet
Out on the Rim by Ross Thomas