Everything continued to fall in place almost effortlessly as they took their investigations deeper into the details. The necessary modifications to the ships could be carried out at shipyards in numerous ports located in out-of-the-way developing nations like Bangladesh and Cameroon. There was an active market not only in purchasing used ships but in leasing them as well under terms that assigned maintenance and upgrading responsibility and costs to the lessee. And almost all commercial ships were registered in countries like Panama and Liberia that had next to no regulations applicable to ship operation, and therefore no nosy inspectors snooping around the ships under their jurisdiction.
But proving that their scheme was feasible didn’t prove anything more than that. They’d have to actually find a ship that had been altered to launch V-1s in order to know they had cracked the Caliphate’s plot or succeed in decrypting communications that confirmed their suspicions. But so far, they hadn’t been able to crack the Caliphate’s code.
“So I guess it’s time we tell the Tiger Team what we’re thinking, right?” Tim asked.
“That should be the right decision, but I’m not so sure.”
“Why? We don’t have a lot of time to work with here. As a matter of fact, we don’t even have a clue how much time that is. And none of us is a codebreaker.”
“I know. But I’m not confident anyone is going to believe us. We’ve been told often enough that if there’s a danger to cyberinfrastructure, it’s going to be through a cyberattack and not to waste our time on any other theory. Henderson keeps insisting that if anyone is going to worry about any kind of traditional attack it’s going to be the Kinetic Tiger Team. Except that they’ve been told that any kinetic attack will be against people or power stations or the like. And finally, if we claim we’ve found something the Kinetic Team hasn’t, we make them look bad and they’ll say we’re crazy.”
“But still—what if we’re right and we don’t tell anyone in time? Then what?”
“I don’t have a good answer for that, except that if we go too soon, they’ll probably ignore us. So let’s set a deadline of the next weekly Tiger Team meeting to come up with everything we can, and whatever that is, we’ll take that to them. That gives us five days.”
“Fine, but what can we do in that amount of time that’s likely to be worth waiting for?”
“How about this? We can assume that every ship would need some sort of structural changes in order to serve as a launch platform. Even if it’s not as dramatic as a below decks launch facility, they’d still need to modify their above decks area to accommodate launch ramps—and also get rid of any obstructions between the bow of the ship and the other end of the ramp.
“I have to believe that the CIA or the Department of Homeland Security has a database with satellite photos of every ship of any size. Assuming that the photos get updated periodically, Keri could do a search for any ship where the forward two hundred feet of its hull has changed significantly. Then she could analyze the results and see if any of those changes were similar and made at the same shipyard, or a couple of shipyards. If she finds a group of ships where that’s true, we can look at the changes and see if they’re consistent with what we would expect to see in order to accommodate launching ramps.”
“Okay, we can do that. But what if the modifications aren’t on deck? A satellite taking pictures from above isn’t going to show doors in the bow of a ship.”
“That’s true. But there are other kinds of data we could use instead, like how long a vessel has stayed in port, and where. A ship that isn’t moving isn’t making money, so unless it can’t find a cargo, it’s got to have a reason for staying in port longer than it takes to load and unload. If we find that some ships have been idling in the same ports rather than working steadily, maybe they’ll have something interesting in common that would support our theory.
“Sure, but like you said, what if a ship just can’t find a cargo, or isn’t sailing for some other reason? I read the other day that with oil prices down so low, energy companies are buying up old tankers just to use as floating storage facilities until the price goes back up.”
“Keri should be able to weed ships like that out by pattern analysis. If there are a lot of oil tankers hanging around oil production facilities, then she can ignore them. But if a port has a lot of ships coming and going all the time and just one ship is there for a month, then that would be interesting. And I’m betting that the shipyards we’re looking for are in out-of-the-way places, not in major ports that cater to supertankers. It might take some work, but if we keep at it, we should be able to find what we’re looking for—assuming, of course, there’s something there to find.”
* * *
Five days later, Frank had what he thought he needed. The satellite pictures hadn’t panned out, but the pattern analysis had. They’d found thirteen elderly freighters that had each spent eight to ten weeks in one of three small shipyards, one in Mauritius and the other two in Malaysia. All of the ships were owned by the same company, which was owned by another company, which was finally owned by a company in which the CIA suspected the Caliphate had invested. Each had also visited a port in Myanmar that was not far from a company that built airframes for an Indian cargo aircraft company, and the CIA believed the Caliphate might have invested in the airframe manufacturer as well. The Myanmar company didn’t normally make engines, but it had a division that made high-pressure industrial boilers, so it had all the necessary equipment and adequate experience to build the primitive jet engines used by a V-1.
It would be great to have more to go on, but it seemed like enough to Frank. If his Tiger Team chair endorsed the V-1 theory, the CIA should be able to check it out quickly using its global resources.
Not wanting to risk rejection before he had time to explain his theory fully, Frank waited to ask to be added to the agenda until he walked into the meeting. As before, he also waited impatiently for his turn. When it arrived, he carried his laptop to the front of the room and connected it to the projector. Accepting the remote from the chairman, he took a deep breath and began.
“So, as most of you realize from my comments in earlier meetings, I’ve been kind of skeptical about the concept of the Caliphate being able to mount a serious cyberattack against the U.S. or one of our allies. Nothing we’ve heard from the field suggests they have the capability to do that or that they’ve been trying to acquire the assistance of those that do. For example, no one’s been able to find any evidence of recruiting efforts targeting people with cyber skills, and I haven’t been able to find anything anywhere on the dark web that suggests that the Caliphate has been trying to hire that kind of talent.
“That doesn’t mean, though, that I’m skeptical that the Caliphate might want to take down the Internet by physically destroying the infrastructure it depends on. If the web and the Internet went down all over the Western world, it would be disastrous for us but have almost no impact on the Caliphate. So I can’t imagine anything that could fulfill Foobar’s threats better than that.”
Barbara Travers, the liaison with the Kinetic Tiger Team, interrupted. “Hang on a minute, Frank. The Kinetic team is already covering that contingency. According to their threat analysis, the most realistic scenario would involve cutting telecommunications fiber optics in as many chokepoints as possible. There are dozens of places in the country where you could open up a manhole and in an hour cut off a city or more using just battery-powered hand tools. Or just toss a grenade in and run like hell.”
“I agree that’s a very credible risk. But we could get everything up and running again in a few days, so the impact would be less dire than what the Caliphate has been threatening.
“But now consider this: according to the calculations in an analysis the Department of Homeland Security performed, if you took down about a third of the largest data centers, the Internet would collapse. And if you u
sed kinetic weapons, you wouldn’t be able to repair the damage.”
Virgil Cooper, the former Navy SEAL commander wasn’t buying it. “Don’t you think that’s a bit of an exaggeration? Sure, you could do a lot of damage with explosives, but what’s to stop you from just hauling in new servers and setting everything back up again?”
“Because everything would have stopped—without the Internet, there’d be no gas, fuel oil, or food deliveries; no trains and no planes operating; no electricity to run the factories that make the tens of thousands of servers you’d need to replace, and so on. That’s in the DHS report as well.” Frank divided the stack of reports he’d carried to the front of the room into two stacks and handed them to his left and right.
“He’s right,” Dr. Fermi said. “I’ve read the same report.”
“So for the sake of argument, I’ll accept that,” Travers said. “But why are you bringing up something that’s another team’s responsibility?”
“We weren’t looking for this specifically. How we got there was by trying to get more information out of the intercept data than we were finding on the Internet.”
“Also not your responsibility,” the chairman cut in, checking his watch in a way that Frank was intended to notice.
Frank decided to speed up in case the chairman decided to cut his presentation off entirely. “Well, let me just briefly summarize our methodology, and then I’ll jump ahead to what we uncovered.”
Frank woke the projector up and started running quickly through a slide set that started with tables of code names and then progressed to charts of the frequency of the use of the suspect words they’d tracked, to pictures of data centers, and then to maps of their locations, providing a running commentary along the way.
“Through data analysis, we found what we believe were the code words for the Manhattan attack and then for the plague attack, based upon context and juxtaposition of peak usage leading up to the dates of those attacks. We’ve also come up with a third word that’s skyrocketing towards levels that neither of the first two ever reached. We think, in each case, the code word is used to identify the sections of coded messages that relate to the specific attack the Caliphate is working up to and that the code word that’s taking off now refers to the really big attack that Foobar has been promising. It’s possible that other trending, suspect words relate to other pending attacks, or it may be that they’re just camouflage, in order to confuse anyone trying to decode the messages we think relate to the big attack.”
It was clear he had their attention now, so he pressed on. “So the next thing we tried to figure out was whether a given code word could give us any clues to what kind of attack was being planned. The code word for the Manhattan attack, which involved taking out bridges and tunnels, was “Hellespont,” which suggests the nature of the attack because the Hellespont is where the Persian emperor Xerxes tried to cross from Asia into Europe to attack Greece on a bridge of boats two thousand years ago. But storms kept destroying the bridge, just as the Caliphate took out all of the bridges to Manhattan. And for the plague attack, they used the code word Venice, because that’s the port through which the plague is believed to have entered Europe during the Middle Ages.”
To everyone’s surprise, Frank now switched to an archival photo of a V-1 flying bomb on its launcher. “We believe that the code word for the big attack is antlion and that the clue in that word is its association with the German V-1 rocket, which the Brits called a doodlebug, which is another word for antlion. And a set of plans and manuals for the V-1 was stolen three years ago from a museum in Germany.”
The SEAL commander jumped in again. “So you’re suggesting that Foobar’s big plan to conquer the U.S. and Europe is to attack us with World War Two weaponry?”
“Yes, but not in the same way. Remember that where I started was noting that all someone would have to do is take down fewer than a hundred data centers to knock down the Internet and the Web.”
“Brilliant. All he has to do is ship all those flying bombs and launch ramps and everything else to the U.S., ask everyone to look the other way while he sets them up all over the country, and then fire them. By George, Adversego, I think you’ve got it!”
Frank ignored the resulting laughter and kept forging ahead. “Actually, we think there’s a much easier way available to him.” He started working his way now through satellite shots of the specific ships they had settled on and the shipyards they’d visited, followed by a global map showing the routes of the ships over the last twelve months.
“So that’s what we think. It all fits together. We’ve got no coastal defenses to protect us from an attack like this or any security program that inspects ships before they’re at the dock. If you look at where those vessels are right now, each is on a course that, within a few weeks, would take it to a port near a major, in-range concentration of data centers in the U.S. or Europe. If we intercept those ships before they reach their destinations, we can head off Foobar’s assault. He would have no reason to plan any attacks after this one, so if we stop it, we’d have enough time to take out the Caliphate before it could plan and launch anything else.”
Frank stopped and waited for a response. Koontz was staring at him with deeply furrowed brows, while Fermi looked intrigued. The commander’s face radiated disdain. The rest were staring at the chairman to see what he would say.
“So that’s it?” the chairman said.
“Yes. That’s what we think.”
“Based on the facts that someone stole a set of V-1 plans, that some old ships needed repairs, and that in two weeks each of these ships could reach the U.S. or Europe, or, I might observe, just about anywhere else in the Western hemisphere.”
“Well, not just that—”
“Oh—of course not. Excuse me. How could I forget. You’ve also got the fact that a Western colloquialism for an antlion is ‘doodlebug.’”
“Uh, yes. That is where the V-1 part comes in.”
“Okay, Frank. It may be that you’ve stumbled on something here that’s important, by which I mean the code words and your theory that they identify related information contextually. If that proves to be true, that will be useful enough for me to forget about the cock-and-bull nonsense you just wasted our time with and perhaps even the amount of time you and your team spent concocting this fantasy when you were supposed to be saving the Homeland. Of course, if you’d shared the code word information with us however long ago you discovered it, we’d all be better off.”
“But—”
“So in summary, I don’t want to hear another word about your nonsensical V-1 theory or learn that you’re wasting another minute of your team’s time on anything other than what you were hired to work on, which is averting the possible catastrophe of the Caliphate launching a major cybersecurity attack. Do you understand?”
“Of course, I understand, but what about the ships? Isn’t anyone going to check one of them out to see if we’re right?”
“If you’re inviting me to repeat what I’ve just said, you’re making a bad decision. So I ask again: do you understand?”
Frank flapped his hands helplessly at his sides. Having no other choice, he said, “I understand.” But his mind was already racing ahead to figure out a way to prove otherwise.
* * *
19
The Long and the Short of it
With the cybersecurity bill close to being signed, Mitty was getting ready to spring the trap he’d been preparing ever since his board of directors had adopted its growth at all costs strategy. The first step was to announce WeBCloud’s acquisition of Cyber IP Holdings LLC. For the last two years, that company had been quietly filing patent applications and buying up patents owned by others for the sole purpose of eventually demanding license payments from anyone who might be infringing them. To those that approved of this business model, that made
it a “non-practicing entity,” but to everyone else, it was a “patent troll.”
The marketplace was unaware of CIPH’s activities, as CIPH had thus far operated in what venture capitalists referred to as “stealth mode,” meaning that it had no publicly announced purpose and only an “under construction” web page. It had not, for example, issued a press release when it sold ten percent of its stock to WeBCloud several years before, nor had it revealed that, as part of the transaction, WeBCloud also received the right to buy the balance of CIPH’s stock for a set price on the second anniversary of its initial investment. Although there was nothing in writing to indicate CIPH was operating under the control of the larger company, it was nonetheless a fact that virtually every patent in the CIPH portfolio would necessarily be infringed by anyone building or maintaining a cloud computing facility that complied with the DCSA data center security standards.
“Stuart Danforth is here, Nate.”
“Thanks, Sue. Please tell him I’ll be with him in a few minutes. Oh, and tell Lou as well.”
“Already done that.”
He smiled. “Of course, you have, Sue.”
Mitty wasn’t particularly busy, but he made Danforth wait for ten minutes anyway before joining him in the conference room.
“So,” Mitty said, sliding a piece of paper across the table, “what do you think of this?”
The investment banker frowned slightly as he leaned forward to pick up the paper, expecting it to be the CIPH acquisition press release. Mitty looked a lot more confident than Danforth thought he had a right to be. This was going to be a rough meeting if Mitty thought yesterday’s announcement that WeBCloud had purchased some unknown startup would make investors more interested in participating in the WeBCloud offering.
The Doodlebug War Page 19