This is a work of fiction, woven together using real technologies and potential contingencies and eventualities. While the characters, organizations, incidents, and dialogues are products of the author’s imagination and are not to be construed as real, nearly everything in this work falls clearly within the realm of the possible.
Producer & International Distributor
eBookPro Publishing
www.ebook-pro.com
Shift Delete
Gary L. Rashba
Copyright © 2020 Gary L. Rashba
All rights reserved; No parts of this book may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, taping, or by any information retrieval system, without the author’s explicit permission in writing.
Contact: [email protected]
Contents
Author’s Note Written By:
Sigal Rashba, wife of the late Gary L. Rashba
1. DCA
2. CYBER 9/11. AMERICA’S WAKE-UP CALL
3. MOSCOW
4. ALEXANDRA
5. COCKTAIL
6. RETROSPECT
.7 PROVOCATION, ESCALATION & WAR
8. ALL QUIET ON THE WESTERN FRONT
9. TRIAGE
10. POPCORN
11. NIGHT
12. OBSESSION
13. BACK TO MOSCOW
14. THE CARROT
15. DESPERATION
16. SWIFT JUSTICE
17. WHATEVER WE HAD ONCE WAS GONE
18. LIPPNOW
19. INTO THE ABYSS
20. T.I.A.
21. EXPECT THE UNEXPECTED
22. SALAMI AND CABBAGE
23. DEVIL’S ADVOCATE
24. EASY MONEY
25. HOSTING THE RUSSIANS
26. DELETE
27. BEGINNING TO UNRAVEL
28. THE QUINTESSENTIAL T.L.A.
29. HEADING HOME
Author’s Note Written By: Sigal Rashba, wife of the late Gary L. Rashba
My husband, Gary L. Rashba, developed a rare form of cancer and passed away in October, 2016. Gary spent years researching and writing this book and finished it just before his death. Unfortunately, he didn’t have time to publish it.
It has been my dream to publish this book for Gary because writing was his passion. Gary’s other works include more than 30 articles about military history and travel, as well as the nonfiction book Holy Wars. This book, Shift Delete, is Gary’s first novel and his last work. I’d like to dedicate it in Gary’s memory and as a legacy to our three loving children: Elad, Adi and Idan.
I would like to thank my family, my friends and family’s friends who have encouraged me to see this project through to fruition. I would also like to thank Steven Rashba, who has been my partner throughout this publishing process.
By reading this book, you contribute to keeping Gary’s legacy alive, which is very important to Gary’s family and me.
We hope you enjoy reading Shift Delete and thank you for your support.
Sigal Rashba
May, 2021
1. DCA
Is nothing sacred anymore? Elliot Parovsky thought to himself, shaking his head in disbelief as he looked at the email he received from Loretta in Intelligence. Not that his participation in the Moscow cyber conference was a secret, but the conference program had been released only yesterday, and only to registered conference participants. The speed and reach of information never ceased to amaze him, and he lived at the forefront of this stuff. Yet here he was, his name already emblazoned in a hacker forum for all to see and begin scheming.
Mr. Elliot Parovsky, Director, National Computer Incident Response Team (CIRT) of the U.S. Government’s Department of Cyber Activity (DCA), will be speaking at the Kostrinsky Labs Cyber Security Conference in Moscow.
It had been picked up by the Department of Cyber Activity’s intelligence mining system called Gnosis, Greek for “knowledge”— their search engine that scoured the internet and Deep Web for mentions of topics of interest, like Google Alerts on steroids. Someone had uploaded the conference program to a hacker chatroom. Parovsky knew he could now expect to receive a flood of spear phishing attacks—those sometimes-clever targeted attacks trying to trick him into opening a seemingly harmless email attachment or click on a web link that actually contained malicious code, He was was the frequent target of spear- phishing, yet he was hypersensitive to this, especially since his agency educated its constituents to be aware of such emails. He had a collection he would show people, like ones sent to him from “DCA@Hotmail,” as if a U.S. Government agency would be using Hotmail for its official correspondence.
After nearly every such conference, he could expect to receive these real-looking emails relating to another cyber conference or other legitimate-sounding event accompanied by an attachment to open or link to click that was out to compromise his computer. This was no spam email from Nigeria about getting $100,000 wired to his bank account, but rather sophisticated, purposely-engineered attack attempts aiming to embed malware like key loggers or malicious code on his computer.
Parovsky had dreamt of becoming an FBI agent or working for the CIA, as long as he was out there on the front lines. Job applications to the Central Intelligence Agency, Federal Bureau of Investigation, Drug Enforcement Agency, Secret Service and the Bureau of Alcohol, Tobacco and Firearms had all been declined, dashing his dreams of being a gun-brandishing federal agent wearing a dark blue windbreaker jacket with the agency initials spelled out on the back in large yellow capital block letters. The image of the Uzi-wielding Secret Service agent on guard after John Hinckley shot President Ronald Reagan in 1981 remained ingrained in Parovsky’s mind since that day so many years earlier. For years afterwards, thoughts of government service, wearing a trench coat with a submachine gun hidden inconspicuously below in some sophisticated holster turned him on. But the job offers just didn’t come his way. He found himself frustrated and depressed that his law degree and subsequent masters in international relations weren’t getting him jobs, after all the dues he had paid busting his ass in law and grad school.
Despite having no background in computer sciences, he was hired as a cyber- analyst at DCA—to which he had applied as a longshot, based on the analytical skills DCA’s personnel office reasoned came with his law degree. They needed people who were good at solving problems, not people who know how to build a computer network from the ground up. They liked law degrees. We can train a person to use tools, DCA’s thinking went, but we can’t teach a person to solve problems.
After all the rejections, he was very thankful for the opportunity to join DCA. To this day, he remembered the acceptance letter: “Dear Mr. Elliot Parovsky,” the letter began. “The Department of Cyber Activity is pleased to offer you the position of Cyber Defense Analyst.”
That’s as far as he read. Before even the excitement of the job offer hit, his first thought was how ironic it was that the federal agency charged with protecting the federal government’s computer users from cyber security threats would snail mail an old-fashioned letter, the type printed on thick cream-colored stock paper with an embossed agency seal on top. Or perhaps not irony at all, but rather one of the few remaining secure forms of communication.
Someone had told him along the way that he could send out a thousand resumes, but all he needed was one job offer. Seemed like sound advice; here it was. Despite his initial excitement, DCA was definitely not as adventurous or glamorous as the other agencies to which he had applied. But it definitely was cutting-edge.
He began to discover the cyber a
rena was a constantly active combat front, far more dynamic than the kinetic conflicts fought by generals. DCA even used the terminology of kinetic warfare. He thrived as a cyber-analyst and was promoted to join the Cyber Incident Response Team, ultimately rising through the ranks to head the team—the job he presently held.
He tried to liken himself to a combatant on the U.S. Navy SEAL Team 6—the elite unit that eliminated Osama Bin Laden, imagining himself as taking part in critical national missions. But coming to work each day wearing a suit and sitting in a comfortable, air conditioned office in the Washington DC suburbs did not lend to the feeling of being a warrior. While he was a cyber- warrior on the front lines of this modern-day, low- intensity conflict warfare, the job didn’t match his fantasies; he had seen his fill of Mel Gibson movies, where a protagonist single-handedly saves the day against the forces of evil.
On the surface, Elliot Parovsky seemed to have so much going for him: a stable and stimulating job where he was truly making a difference, and a comfortable apartment in downtown Washington. He was good-looking, of medium height and athletic build, with no shortage of women interested in him. Yet he was never happy. He was tormented by a search for happiness, which he wouldn’t allow himself to achieve. Or perhaps it was ingrained into his head that happiness doesn’t exist by overprotective parents trying to stave off disappointments. He grew up recording his thoughts and feelings on a mini cassette tape recorder, later a digital one. He couldn’t even remember when he began with the recordings, whether it was in junior high school, or before or after, or whether the idea had come from his parents or another psychologist. He still did it out of habit on his IPhone’s Voice Memos app, on the assumption that it somehow helped him, rather than keeping thoughts and feelings bottled up inside.
Parovsky spent his free time working out at a gym, jogging and viewing pornography on the open internet, even though he had an inkling that his computer was compromised. He really couldn’t help himself; this was his vice—even if he was being monitored by a U.S. or someone else’s security agency, and he was pretty certain,having been to so many conferences and other events that put his name “out there”, that others were sure to be on to him. He figured that if he didn’t pay for anything, he really wasn’t doing anything wrong, and he wasn’t breaking any laws. It might be legit, if not risqué but it was not against the rules. Initially he had tried hiding this by viewing sites through the anonymous Deep Web but found it frustratingly slow, so he abandoned that for the speed of the open web.
2. CYBER 9/11. AMERICA’S WAKE-UP CALL
The Department of Cyber Activity, better known as DCA, was originally known as the Department of Cyber Response and Activity, but some official decided that this agency had to have a three-letter acronym if it were to truly be a peer among the three-letter agencies such as the CIA, NSA, FBI and the like, as if an acronym is all it takes to gain respect. These government guys were so ridiculous that the three-letter agencies even had an acronym of their own: TLA’s.
DCA was set up after what came to be known as “Cyber 9/11”—the day the United States truly learned what was meant to be cyber-attacked. In that cataclysmic event, an attack on the electricity grid plunged a massive swath of the country into darkness. Nighttime satellite images shot over the United States illustrated the extent of the attack: about a quarter of the country appeared as pitch blackness. Curfews were imposed as citizens reared their ugliest faces by resorting to their primordial instincts of looting and hoarding.
Like any good thief, the cyber-attacker had thoroughly “cased the joint,” in the language of thieves, repeatedly penetrating the targeted power grid’s SCADA industrial control system to study the system to figure out the best way to attack it, and then meticulously covered his tracks to avoid detection or leaving a signature, knowing he would return for further reconnaissance.
From the snooping, the attacker identified high-load nodes, those power lines with heavier current loads flowing through them, and chose the most opportune ones to target. Attacking and causing failures of high- load nodes meant that only a few would need to be affected to set off a massive chain of transmission lines and generating failures across a huge portion of the electrical grid. The attack was intentionally launched during an intense cold spell in the frozen mid-West region, utilizing the cold weather that would be accompanied by a spike in electricity usage, adding additional stress to the grid.
Once the relays were tripped by cyber-attack, the lines were isolated from the rest of the grid and current shifted nearly instantaneously to parallel paths. But this sudden extra load caused the parallel paths to shut down, transferring their load onto other lines. The whole process continuously repeated itself, rippling across the grid like falling dominoes. The succession of overloading lines created a massive power outage known as a cascading failure. Even defended nodes failed during the cascade as they were unable to bear the brunt of the excessive loads. Once underway, the cascading failure is nearly impossible to stop before it has eliminated almost all power transmissions in a massive area.
Lights flickered and then went out. Heaters and everything else electric went off. Within minutes, tens of millions of consumers were without power, affecting heating systems, computer systems, food storage and supply. Regional air traffic ground to a halt, first delaying and then canceling thousands of flights, stranding millions; subways were stuck, traffic light outages crippled ground transportation; water and sewage pumps stopped working.
People froze to death in their homes. Bodies were found in elevator shafts and subway tunnels in what were clearly desperate attempts to escape what had to have been terrifying conditions in the darkness and freezing cold. The collective damage mounted to billions of dollars, not to mention the toll in human life.
The sophistication of the attack suggested it was state-sponsored as it required deep knowledge of electricity generation and power grids, like the relationship between current, voltage and impedance, and knew to trip the very impedance relays designed to protect the grid by isolating a shorted power line from the grid. The attack was likely even rehearsed in advance on a controlled scale.
The President of the United States called the attack “cowardly”, and ordered the military to prepare to respond, declaring a “red line” had been crossed given the significant damage to infrastructure and resulting deaths. But the truth was, the country had no idea who was behind the attack. As in all cyber-attacks, there was a degree of anonymity, even though cyber sleuth professionals knew how to identify clues of its origin. Various U.S. Government agencies tried to get to the bottom of the case, yet none had all the necessary resources, leaving the lingering question of who was behind it.
China condemned the attack, while North Korea remained noticeably silent. But the culprits could include the likes of Iran, Venezuela, Syria, The Islamic State or so many others with an axe to grind with the U.S., whether nations, terror organizations, organized criminal groups or even highly sophisticated individuals, like former industry insiders. The cyber realm was a great equalizer, where a lone actor could conceivably attack a country. Conspiracy theorists quickly went to work, accusing the United States Government of orchestrating the attack in order to justify additional spying on its own citizens. Another ridiculous theory blamed Israel, describing a sophisticated ploy to make people think it was Muslims to turn U.S. public opinion against them and thereby strengthen Israel’s position vis-a-vis the U.S. The world Islamic media naturally jumped on this absurdity as if it were substantiated fact.
“How could we allow ourselves to become so vulnerable?” a white haired Congressman with thin wire-framed glasses demanded to know on the House of Representatives floor. The answer came in a newspaper article published that same week based on interviews with dozens of people who had suffered through the power outage. What people most remembered from the blackout, the respondents noted, was the inability to charge their smartphones and the feeling of isolat
ion that generated, cut off as they were from email, text messages, Facebook and social media. In other words, consumers demanded connectivity at all costs.
Congressional hearings held in a venerable dark mahogany wood-paneled chamber brought to light how truly at risk the United States was to a similar catastrophic attack in almost every area in our world where all things are connected. “The internet of things,” a term that just days earlier was synonymous with convenience became understood as holding serious consequences.
“I still don’t get it,” a Congressman with a bulbous nose asked, trying to understand how the cascading failure spun out of control.
“It’s like a soldier on a march collapses,” an electricity utility executive explained. “His pack is given to another soldier, who then collapses from the extra burden, and down the line until they all collapse from the impossible task of bearing all that extra weight originally carried by all the fallen soldiers, leaving no one to carry the equipment!”
“Hmmmm,” the Congressman murmured into the microphone in a deep baritone before asking, “So why wasn’t our power grid protected?”
“We didn’t have a playbook.”
“What do you mean by that?” a stern-faced Congressman challenged.
“I mean we didn’t have a master plan of what to do.”
“Are you prepared now?” another Congressman scowled.
“Uhhhh. No sir. Implementing defensive methodologies takes time. One also must take into account the massive impact and implication of cutting off hundreds of thousands of electricity consumers as a preventive measure, plunging a city into darkness. That’s not something that is taken lightly in our industry and is an event certain to be followed by an investigation.”
The Congressional committee learned of the blind refusal by utilities to accept that their turbines could be tampered with by someone remotely messing with their computer system. The grilling by the Congressional committee brought to light the fact that there was no mechanism in place at many utilities, not even an identified authorized person, to cut off power to halt a catastrophic event. “Pulling the plug,” was the way a brown-suited witness with brown shoes phrased it, adding “pardon the pun” with a grin, eliciting a few smiles from the overly-serious members of Congress.
Shift Delete Page 1