“Listen up, everybody,” said Lau. “As you know, we have a limited time frame now. Once we start this process, it’s rock-and-fuckin’-roll, got it?”
A few yes, sirs were audible over the tension.
“I’m going to let Walthaus take the lead on this one. He’s done a good job so far. But everyone will play a role in the next critical steps. I will be giving a lot of direction, and the requests will come to you fast. Pay attention, do your jobs and, above all, learn. This is a classroom, remember,” said Lau.
His subtle joke eased the tension, and he could feel himself exhale a little.
“Malvalaha, I want you to coordinate the DDoS attacks on my go. Once we’re in, we need to confuse the network to think they’re receiving heavy volume,” said Lau. “Use the Russian handlers, they’ll get the blame. Sorry, Malvalaha.”
“I don’t care, I was born in Brooklyn,” said Malvalaha with a shrug.
DDoS, or distributed denial of service attacks, were used to temporarily or indefinitely interrupt a web server’s ability to connect to the Internet. The common method of attack saturated the target network with external communications requests to the point it could not respond to legitimate web traffic. The result was server overload and an excellent distraction while Lau conducted the rest of his “business.” A DoS, denial of service, attack generally involved one attacker. In order to truly overload a system, the DDoS attack was preferable. Lau had established multiple servers throughout the world to act as handlers. The handlers were accessed remotely by the computer systems located in the Hack House. Each computer station controlled multiple handlers, and each handler controlled multiple compromised private computers. On Lau’s signal, if necessary, the entire handler system would be activated to attack the targeted web server at TickStub.
“Fakhri, have your group on standby for research,” said Lau. “As we begin to elevate our privileges, we may need to implement our password-cracker tools.”
“On it,” said Fakhri. “I’ll have my guys searching the web to learn all we can about their IT people. We always find them on forums and techie blog sites. It doesn’t take long to put two and two together.”
“Here we go,” said Lau. “First, now that we’re past the firewall, we’re going to bypass the web server and leave the domain alone. Our first stop will be the database—the SQL server.”
“Walthaus, initiate an SQL injection. Let’s see how well their coding techniques are. Their DBMS, database management system, may reject the query, but it will return legitimate data in response.”
Walthaus immediately began entering keystrokes and sat back in his chair to observe the results. Lau watched intently.
“Now, let’s introduce some cross-site scripting to compromise the DBMS server. In the username field, enter foo’ OR 1=1;-- followed by admin in the password field,” said Lau. The screen changed and now read:
Welcome to the TickStub ordering system foo’ OR 1=1;--
“Excellent!” exclaimed Lau. “Now we can use an injection vulnerability to send commands to their back-end database server in order to elevate our privileges. This will allow the DBMS server to run commands for us. It’s time for the next step.”
Lau knew the web-based server controlling the domain and its web traffic was fully secure and had its necessary patches in place. Most IT departments placed all of their focus on the web server because it was utilized by the public via the Internet.
“Most likely the web server is secure. Why beat our heads against the wall trying to crack its code, when we can simply give ourselves administrative access by elevating our internal user privileges, right?” asked Lau, playing the role of professor.
“Let’s pull out our toolbox and make our job easier, shall we?” said Lau, clearly in his element. “Walthaus, upload Netcat to the DBMS server.”
Walthaus dutifully complied.
“Now enter Xp_cmdshell into the command field and we’ll see how complex their administrative system is,” said Lau. Lau watched as the screen changed, providing him the c-prompt he anticipated.
“Okay, everyone, Netcat has enabled us to attain our first foothold, and we are well on our way to overtaking the network. We are no longer an anonymous user. We are now an insider,” said Lau.
A few claps were heard from the team.
“Class, we need a name; who am I?” said Lau.
“Whoami,” said Walthaus. “You know like the old Abbott & Costello routine—’Who’s on First?’ Our username should be whoami.”
Lau laughed heartily. It was perfect.
“Absolutely, Walthaus, whoami it is,” said Lau. “Okay, Mr. Whoami, run an ipconfig on the system so we can determine the lay of the land. Let’s see what our new system is made of.”
Lau watched as the server IP addresses scrolled down the screen, including their internal Ethernet connections. He instructed Walthaus to screen-cap everything and print it for reference.
“We now have effectively taken over the web server. From what I can see here, we have complete connectivity between the web server and the SQL server, which gives us total control over the domain—TickStub.com.
“Before we go for the big prize, the database, let’s pull another tool out of the toolbox. Dump a Trojan in the web server so we can come back in the front door in the event an administrator busts us and we have to run out the backdoor,” said Lau.
The Trojan would install a credential manager, which allowed the creation of usernames and access privileges at the highest levels.
“Final step. Fakhri, how’d you do?” asked Lau.
She approached him with a printout of potential user names and passwords derived from their Internet search. Lau handed the same to Walthaus and gestured to give them a try.
“Bingo. I’m in the back-end data center, which contains all of the usernames, passwords and stored credit card information. I went ahead and tried this combo on the TickStub corporate server and succeeded there as well. We have full access to employee files, W-9s, retirement plans and health care records,” said Walthaus.
Lau took a deep breath and looked around the room. He could feel what they were thinking—big potential payday. He studied the wall for a moment, once again reciting the words in his mind:
One man’s gain is another man’s loss; who gains and who loses is determined by who pays.
“Malvalaha, run this by Bogachev’s people in Russia. Fakhri, contact SEA, the Syrian Electronic Army. Discreetly put the word out. This company does nearly half a billion dollars a year in revenue. It’s time for Mr. Whoami to make the call.”
Chapter 14
January 5, 2016
Steps of the Massachusetts State House
Boston, Massachusetts
“We are coming to you live from the front steps of the Massachusetts State House in Boston, where we are waiting for first-term Senator Abigail Morgan to announce her bid for reelection to the United States Senate. The announcement comes as no surprise to anyone; however, it does come with its share of controversy. Senator Morgan ran as an independent six years ago, but has consistently caucused with the Republican majority since 2014. Some have accused her of hypocrisy, but as we know, in Washington, hypocrisy is in the eyes of the beholder. Massachusetts Democrats have made it clear; should Senator Morgan be tabbed as a possible vice presidential nominee on the Republican ticket, which is a good possibility, then she will receive a stern challenge to her senatorial candidacy. Back to you, Chris,” said the CNN reporter.
Abigail Morgan stood behind a backdrop featuring the United States and Massachusetts state flags, listening to the reporter’s introductions to her remarks. She was accustomed to this challenge and didn’t give it much thought. She had bigger plans than senate reelection. Why should she settle for number two on the ticket? The present occupant of the White House was a freshman senator when he ran for the job. Why couldn’t she do the same?
Abbie, as she was called by family, friends and constituents, was a rock star
within political circles. When she ran for senate six years ago, she chose to run as an independent, touting her libertarian leanings. Getting elected on a statewide ballot as a Republican had been extremely difficult in Massachusetts, even in an anti-incumbent year like 2010. She campaigned hard during her first election cycle, espousing her core beliefs centering on free markets, limited government, peace through strength and individual self-reliance. Her stunning appearance, strong ability to articulate the issues, and the support of a very wealthy donor base made Abbie a Tea Party darling and a viable alternative for the center left.
The stagecraft surrounding her announcement had been calculated for maximum effect. The podium and the backdrop were placed on the second tier of steps entering the State House, above the street level. Commonwealth Avenue had been temporarily closed for the event, allowing a massive gathering of supporters to congregate. All of the media cameras and reporters stood on the brick sidewalk, at street level, allowing for camera angles to catch the gold-leaf dome of the State House as her backdrop. Abbie would look stately, as intended. When she was given the one-minute signal, she glanced down and noticed her friend Julia Hawthorne, who was present on behalf of the Herald. Beyond friendship, she and Julia shared common interests—and benefactors.
“…and now I am pleased to present to you the present and future senator from the great state of Massachusetts, Senator Abigail Morgan!” introduced former Massachusetts Governor William Weld.
With perfect timing, the loudspeakers erupted with a rendition of “All Hail to Massachusetts” sung by Boston Pops star and Tony Award winner Marin Mazzie. Abbie approached the microphone and soaked it in. She was born for this job. Like her “friends,” Abbie knew she would have an important role to play on the world stage. Everything in her life, including this moment, played a part in the intricate and nuanced script. Abbie cleared her throat and stepped forward to deliver one of the most important speeches of her career.
“Thank you, thank you. Thank you so much, everyone—especially for braving this crisp January weather. Thank you as well, Marin Mazzie, for your beautiful rendition of ‘All Hail to Massachusetts’!” said Abbie with special emphasis at the end, drawing cheers from the crowd.
Chants of Abbie, Abbie, Abbie filled Boston Common. She was comfortable speaking in front of sizable crowds, but she did notice the media presence was much larger than normal. She stole a glance up and to her left. Was he watching?
“Six years ago, I ran for office, because like most Bay Staters, I was alarmed at the problems facing our great nation. The economy was stagnant and the so-called recovery was uneven. Federal spending was out of control, and our national debt approached nearly unrecoverable levels. A disastrous, unconstitutional nationalized health care plan was enacted. The foreign policy of this administration was naïve and misguided. Above all, our civil rights and liberties as American citizens were under assault!” Abbie soaked in the cheers and made eye contact whenever possible with her supporters.
“I have drawn attention to these problems and others here in Massachusetts. I have sought to work with any and all who are eager to find solutions and promote reforms. As an independent senator, I have united with members of all parties to seek a balance in government, where we have worked together to avoid the gridlock which has plagued Washington for so many years!
“Our country was founded upon principles we all hold true in our hearts today. The Constitution is our only protection against a heavy-handed government. If the Constitution is not followed and honored, then the power of the federal government goes unrestrained. Once the federal government gains a foothold, it is extremely difficult to reverse that trend. Freedom is the bedrock of our society. Freedom is what makes our great nation exceptional—and our freedoms are under attack, both here and abroad!
“Prosperity is not created by rewarding those who do not earn it. Prosperity is achieved by hard work, effort, risk and the implementation of great ideas. Our Constitution guarantees all Americans the right to pursue happiness and achieve the outcome of their dreams. However, our Constitution does not guarantee equality of outcomes. Prosperity can only be achieved through effort. It cannot be achieved by exacting an unfair tax burden on those who are successful—on any level!
“Success at home depends on stability worldwide, and it goes without saying, we have plenty of enemies beyond our borders. It is incumbent upon our government to protect us by securing those borders and gaining peace through strength. Of the limited powers enumerated to the federal government by our Constitution, security is the most important. Our security as a nation and as a people, from threats foreign and domestic, economic and weaponized, should be one of the top priorities of the federal government!
“Finally, and most importantly, our Founding Fathers would be appalled at the state of legislative affairs in Washington. I am a direct descendant of John Adams and John Quincy Adams, and I believe they would call upon our nation to achieve unity as Americans. In 1789, John Adams, the second president of the United States, predicted today’s sad state of affairs in Washington. He said, ‘There is nothing which I dread so much as a division of the republic into two great parties, each arranged under its leader, and concerting measures in opposition to each other. This, in my humble apprehension, is to be dreaded as the greatest political evil under our Constitution.’ Wise words spoken by President Adams over two hundred years ago are frighteningly accurate.
“If we could set aside our political differences and simply talk to each other, we might realize our distinctions aren’t as vast as we have been led to believe. I firmly believe our divisiveness comes not from our disagreements about policy, but from our attempts to force those beliefs on those who don’t agree. The pundits talk about the big tent—a coalition that accommodates people who have a wide range of beliefs. I submit to you, unless all of us find a way to live together under such a big tent, our country will continue to suffer.
“I stand with all of you in this fight. I hope to continue together in the task of repairing and revitalizing our great nation. So, with the support of my family, my colleagues and the lovely people of the great state of Massachusetts, I proudly announce my reelection campaign to finish the work I began six years ago in the United States Senate!”
Abbie stood back from the microphone and waved to the crowd, which was now larger than moments ago. The roar of Abbie, Abbie, Abbie intensified below her. She made direct eye contact with both the television cameras and also the press pool photographers. With the help of her staff, her announcement would become one of the most important media events of this twenty-four-hour news cycle. But as Abbie snuck one final glance at the penthouse of 73 Tremont, she knew bigger news could always be in the making.
Chapter 15
January 5, 2016
73 Tremont
Boston, Massachusetts
John Morgan stood at one of the windows in his inner sanctum and surveyed the inhospitable winter landscape of the Common and Beacon Hill. As the years stretched on, his tolerance for the cold waned, but he would never join the ranks of those retreating to warmer climates during the winter months. Pink flamingos were not his cup of tea. Despite the bitter temperatures below, the scene was far from barren. Camera crews and media types scurried into position. Police barricades blocked Commonwealth Avenue, allowing onlookers to enjoy a rare opportunity to stand in the middle of a busy Boston thoroughfare and listen to one of his rising stars.
Abigail had intended to delay her announcement until March, when the weather would be more tolerable. Morgan insisted the announcement take place early in the year. When she questioned him about the early announcement date, he simply smiled and told her it was for the better. Abigail was not that different from others Morgan controlled, outside of the fact that she was his only child. Not an insignificant fact by any measure. It is part of the blueprint for your success, my dear. A blueprint we must all follow.
Morgan had followed the same blueprint, just like his father and
his father’s father before him. For generations, the Adams and Morgan lineage defined American politics, banking and philanthropy. His great-grandfather was J.P. Morgan, cofounder of Morgan Stanley. His mother was Catherine Adams, a direct descendant of President John Adams. For centuries the two families formed the historic core of the East Coast establishment and the upper class of New England society.
Following his graduation from Harvard Law, Morgan formed the Morgan-Holmes law firm with William Holmes, grandson of Supreme Court Justice Oliver Wendell Holmes Jr. Together, Morgan and Holmes built a practice of international notoriety, expanding their families’ sphere of influence well beyond U.S. shores. Morgan was tapped as Secretary of State, during the first two years of the Carter administration, finding himself at odds with the President on most policy issues. He used the time to expand his contacts around the world, remaining mostly a figurehead.
After resigning his post as Secretary of State, Morgan, following in his great-grandfather’s footsteps, formed Morgan Global, an international banking and investment concern. With the law practice capably administered by Holmes, Morgan devoted his time to this ambitious project. Morgan Global was destined to be the banking house of choice for the world’s super wealthy. Morgan and others like him demanded secrecy, in addition to ample returns on their investment. Morgan Global provided both. By the mid-1980s, Morgan Global boasted over one billion dollars under management.
In 1979, following his return to private life, Morgan had a very public wedding to Eleanor Sargent, the sister of his lifelong friend Henry Winthrop Sargent III. The marriage, while not prearranged, was expected. Families with historic lineage like the Morgans, Adams, Sargents and Holmes were expected to marry each other—within the family.
Abigail, named in honor of Abigail Adams, was the only child of John and Eleanor Morgan. Complications during pregnancy prevented Eleanor from having more children. Complications of lineage prevented the Morgans from considering adoption. Now John Morgan stood watching his daughter, a fiercely intelligent, beautiful woman, take the podium to make her announcement. He turned up the volume on the television monitor.
The Loyal Nine Page 9