Proportionate Response
Page 33
“I must be like a book,” Johnny Two-cakes said.
Marks shrugged. “Figured there was more to this. Whatcha got?”
“I want to give you an out, if you want it,” Johnny Two-cakes said. “Hear me out, and then tell me if you still want in.”
He told them his story. This was about Costa Rica. Or at least that was where this journey had started. Six years ago, when Marks and Lip left the SCS, he decided he was done, as well. It took him a month to know, and when he made the decision a month after that, he didn’t do it halfway. Done was done. Even DC had gotten tedious.
He’d been ruminating on it for a while, and it seemed the best time to do it. His years at the NSA had guaranteed him a healthy pension. (Not that he needed the financial subsidy for support, as unknown to everyone, Johnny Two-cakes had always been quite wealthy. That was one detail that Johnny Two-cakes chose not to share with Marks and Lip right now, as he knew that would only open a door he didn’t feel like opening at the moment.) Nevertheless, money needs or not aside, he decided to move to Costa Rica. He didn’t sell his house in North Arlington, as he figured he could always move back if things didn’t work out. Of course, in hindsight, knowing that the house would burn down, perhaps he should have sold it.
Anyway, moving past that sore point before he got tangentially off track.
“Costa Rica,” Johnny Two-cakes said. “I chose that area because I’d always liked the beaches and jungle down there. There is something preternatural about the place.”
He went on and told them how he’d found a place to live. Nothing fancy, just a humble abode that met his basic needs. He wasn’t looking for a job, but stumbled on one all the same. A man he met needed a cybersecurity consultant to train his IT personnel. At first Johnny Two-cakes wasn’t interested, but there was something which gave him pause about the man’s offer. The man was obviously at his wits’ end. Johnny Two-cakes had met him at an ad hoc AA meeting made up mostly of expats. The man, like himself, was a recovering alcoholic. And like himself, hadn’t touched a drink in years.
Over coffee, the man was quite frank with him, and explained his plight. He owned an online gambling site. Costa Rica was unusual in the fact that they had a profusion of such companies, and for some reason Johnny Two-cakes had noticed during his short time here, they seemed to come and go quite quickly.
Johnny Two-cakes soon learned why that might be the case. Gamblers weren’t selective in their site of choice. Like alcoholics who simply wanted to get tight, and any liquor would suffice, gamblers wanted to gamble, and do so at all hours of the day. If a site was down, customers would soon find another gambling site that would take their money. With such non-discriminating patrons, keeping a site up and running 24/7 365 was key to its survival. As long as that was accomplished, the business raked it in. But unfortunately, for this man, his company’s success had drawn some unwanted attention in the last year.
Over the last several months, his Web business had been plagued with denial-of-service attacks. It was the attack du jour of cyber criminals. They realized they simply needed to overwhelm a site and crash it, and botnets, or “zombie armies”, were their DoS vehicle of choice. Cyber criminals would amass thousands of compromised computers and use them to take down a site and get it offline, so that when a customer tried to log on they would get a busy message, such as Temporarily unavailable. Those two words meant doomsday for the business. Their site was down. Indefinitely. And then would come the phone call.
Johnny Two-cakes soon experienced the type of phone call the man was talking about. He agreed to see things firsthand, and went to the man’s business. It wasn’t a fancy set of offices, but the equipment the man owned was impressive. The servers, computer systems, basic infrastructure was all top-of-the-line. And the security firewalls in place weren’t too bad.
Johnny Two-cakes spoke with the man’s head of IT and got the full tour. It was just as that tour was coming to a close that the site was hit with yet another DoS attack. Not three minutes later, they received the phone call and were told the terms. The head of IT put the call on speaker.
They wanted forty thousand to stop the attack. That was the first day. On the second day the price went up to eighty thousand. Every day it would keep going up. They were told all of this by a man with an Estonian accent. The man gave an account where the money could be wired. We receive money, we stop attack. No money, no site. Those are our terms.
The owner of the business, right there, wanted to pay immediately.
“May I?” Johnny Two-cakes said. He sat down at the command terminal and sized up the extent of the attack with a few rapid clicks. His pragmatic side quickly analyzed the problem, looked at the pros and cons, and saw the futility of acquiescing to the cyber criminal’s demands. Paired with that reasoning was also the principle of the matter. Johnny Two-cakes despised bullies, in any and all forms.
“Don’t pay,” he told the owner.
Puzzled, the man watched as Johnny Two-cakes went to work. It took him thirty-five minutes to stop the attack and get the site back up and running. After he got that done, he took down those responsible, permanently. They wouldn’t be bothering this man’s business anytime soon, not now or in the near future. Johnny Two-cakes eviscerated the cyber criminals. Their botnet army was now his, as were their bank accounts, which he soon divested in every one of his favorite charities.
Hearing that, Lip was impressed. “Thirty-five minutes?”
“Maybe it was a little longer. But I did accomplish the first part, stopping their attack within thirty-five minutes.”
Anyway, after that minor episode, word spread. In a few short weeks, Johnny Two-cakes had a viable thriving consultancy business. It was quite profitable. He made more in six months than what he made in twenty years working for the NSA. The money was fine, but the fact it was fun was what kept Johnny Two-cakes engaged.
“Fun?” Lip said.
“Yes, fun.”
Every day somewhere around the world some individual or group of individuals would test him. There was never a dull day. And he had to say, he started to enjoy the fringe benefits. He didn’t elaborate.
“Our boy was living large,” Lip said.
Johnny Two-cakes nodded, preferring that read into it, over the alternative. What he didn’t share with Marks and Lip was the emotional aspect of it; the transformation that was occurring within himself. It wasn’t the money that did it, it was more a state of mind, than anything. He’d felt himself stretching his wings during his time in Costa Rica and it actually made him rethink some of his life decisions. While tuna fish in the can was good, pan-seared bluefin tuna paired with a great salad, he had to admit, was better. Of course, he didn’t become an epicure overnight. But the baby steps he was taking were significant. While he’d always had money, he hadn’t always felt comfortable spending it. In incremental ways that mindset was changing and he was beginning to partake of the occasional indulgence.
“I guess I did start to expand beyond my normal comfort zones,” Johnny Two-cakes said, truncating the issue.
As good as things were becoming, it only got better when he met Marion. His frame of mind was in a good place, and it seemed good things sprung from that. He was the happiest he’d ever been. Marion was amazing. Life was amazing. It was as if he’d come out of the Dark Ages and discovered Voltaire. But unfortunately, his Age of Enlightenment was not to last forever, as storm clouds rolled in. Almost overnight, his business was upended. Another caliber of player entered the picture. They weren’t your typical outfit. They hit every client of his. And they didn’t resort to your typical DoS attacks. Their tactics were like nothing he’d ever seen.
“Prime?” Lip said.
Johnny Two-cakes looked at Lip, puzzled.
“That’s my name for him… or her. The numbers: 487, 499, all those you had in your office,” Lip said.
Johnny Two-cakes nodded. “Prime? Yes. But I have another name for him: ‘the man in the white mask’.”
“Bear with me,” Johnny Two-cakes said.
He relayed the rest. Every client of his was targeted. And it was only his clients. Johnny Two-cakes’s business had grown in five years. He was protecting approximately 68% of the companies in Costa Rica that relied on online connectivity for their businesses to run. It was very profitable, and maybe he became complacent, because it completely caught him off guard.
Each of the attacks against his clients was different, and they seemed to be coming from thousands of different vectors. At the time he had thirty-seven people working for him. They were all top notch and he’d trained them himself. Usually the way it worked was he would assist when they were outmatched. It didn’t happen often, as they were very good. But this time, every one of his employees was outgunned.
He assessed the scope. There were SYN floods, which were very sophisticated. If that was the only type of attack, it wouldn’t have been a problem. But there were IRC floods, banana attacks, fork bombs, ping of deaths, microcode exploitations, nukes, reflected attacks… he could go on ad infinitum. Some of the variations he’d never even seen before.
Then the phone calls started coming in. He traced them, of course. They were coming from all over the globe. It couldn’t be the same person, owing to the locations of the calls, but the voice was the same. The amounts asked to stop the attacks were three times the going rate. One hundred and twenty thousand American per site. Pay or no play. That’s what the message said. The voice was like a robot. After hearing it over and over, it became personal.
There was no way he wanted his clients to pay. But after a day of being down, many of them capitulated and paid up. The ones that didn’t, the ones that stuck with him, stayed down. He couldn’t stop the attacks. He’d counter one, and there would be a dozen that took its place. All the clients that stayed with him were penalized heavily. One paid three hundred and sixty thousand after three days to stop the attacks. Two of the clients had to pay over half a million—they stayed with him for five days. The others, and there were some, never paid. He never got them back up. Their businesses are now gone. And the two businesses that paid half a million never recovered. Their customers left and never returned.
Within a week he was finished. And some of his clients didn’t take it so well. Hits were contracted out on him. He and Marion barely escaped in time. In that business there were some characters, to say the least.
They had to lay low. And his house in North Arlington fit the bill. It was under the radar and as safe a place as any. There was nothing that anyone could trace back to him. The place when he purchased it over twenty years ago wasn’t even in his name. He was very careful with Marion’s and his own flight itineraries.
Once they got there, they kept a low-profile; made no contact with any friends or relatives. Johnny Two-cakes concentrated his energies on figuring out what in the world had happened. Who had targeted him? And why?
He started looking at each attack. On the surface they appeared to be coming from all over the globe. He used some of his best techniques to trace their almost nonexistent cyber trails, and ultimately had some success hacking into computers used by several of the perpetrators. He started seeing a few common denominators. There were emails to the perpetrators that were coming from the same source. He traced those to a server at China Telecom. Not the Beijing headquarters, but a divisional branch in Shanghai. What he found was perplexing to say the least. The emails all contained PDFs of recipes. And they were all coming from China Telecom, going to these unsavory cyber-criminal organizations around the globe. Organizations in Pak Kret, Thailand; Sofia, Bulgaria; Kano State, Nigeria. And those were just the ones he backdoored. There were so many vectors. The emails and recipes didn’t make any sense. And the addresses varied each time. They were all sent—
“Using onion routers,” Lip said.
“Yes, TOR,” Johnny Two-cakes said. “You examined the jump drive.”
“But how did you get all those emails? There were thousands of them on the stick?” Lip said.
“I went to our friend in the shop,” Johnny Two-cakes said.
Their old colleague Lawrence Simpson, who was still at the NSA, helped him out. He was anxious to help, particularly after Johnny Two-cakes explained what had happened in Costa Rica. At first they both thought the text in the recipes would yield some sort of hidden code or means of encryption. But pursuing those avenues proved fruitless.
At the time he had about twenty emails with twenty PDFs. After getting some special clearance, they ran those PDFs through the Black Widow, but came up empty. That’s when they noticed a common peculiarity about the emails. Although they were all different addresses, each of them contained a prime number. It could have just been a coincidence, but in twenty emails the odds of that happening were remote. Johnny Two-cakes convinced them to put the Black Widow to work again, to pull from the soup, specifically from the archives.
The NSA had data centers whose sole function was to store the soup. Years of material was stored there. Exabytes upon exabytes of information. They culled every email in the system that had prime numbers for the last characters in the address. There were tens of millions, of course, but they narrowed the search by focusing on those that had PDF attachments. He had all the recent ones printed, which still amounted to a pretty impressive pile, but in this case we were talking thousands now, not millions. Those emails filled dozens of boxes.
“We saw them,” Marks said.
“At my house, yes,” Johnny Two-cakes said.
“How did you manage that,” Lip said. “They let you take that home?”
“Yes,” Johnny Two-cakes said. “I soon outstayed my welcome.” They didn’t get any headway with any of it. Utilizing the Black Widow for a merry goose chase didn’t sit well with the Director. It wasn’t long till it got shelved. But Johnny Two-cakes didn’t let it go.
The breakthrough came when he discovered the .exe file. It had been sent along with a PDF. And with that he was able to unlock the PDFs. After that things went very quickly. He discovered all sorts of things. Horrible things. The video content and the way messages were being sent to different organizations with certain instructions. He went back to Lawrence with what he had, but not before running things down himself. He locked himself in his office for days. It was during that time that he discovered the attempt at media sanitization; how online records, newspapers, news sources had had records expunged in the last few years. It was so pervasive and directly linked to content in the emails that it couldn’t be incidental. The implications behind such a whitewash, if that’s what he was seeing, was frightening.
“I’ve told you some of it,” Johnny Two-cakes said. “And you’ve obviously put together some of the pieces as well. The deaths of the individuals, certainly stood out. But some of the other material was equally, if not more, alarming.”
He elaborated on some of the details. How the volatility of the stock market over the last few years had not been by accident. Through computer trading and using intermediaries around the globe to place certain large investments, China Telecom had been manipulating the markets, causing stocks to rise and fall precipitously. By using sophisticated computer algorithms run through the Black Widow they’d figured a way to move the markets at will. Certain volumes of trades when combined with certain cascading hedging of bets could trigger certain unusual results. With such manipulations China Telecom could move markets in seconds. Computer trading was the new norm. And those computers would respond in milliseconds if they sensed shifts in the market.
China Telecom was essentially exploiting a fatal flaw in the system. On more than one occasion they’d triggered complete sell-offs. A drop of a 1,000 points in mere minutes, for example. Usually, though, they were more cautious in how they orchestrated the movements of markets. And each time, with their prudent buying and hedging, China Telecom was in a position to profit obscenely.
For the last few y
ears they had been making trillions of dollars by rigging the markets. “I was unable to trace where the money went, but I can only assume that money has been filling the coffers of the China Machine,” Johnny Two-cakes said.
He explained his theory. China’s unsustainable economy had to be sustained in some manner or another. And they’d found a way. Even the blackmailing of those gambling sites in Costa Rica was all for the cause, another vehicle to bring in revenue. Europe’s insane volatility in the last two years was also no coincidence. China was reaping, while the rest of the world was weeping.
“Holy cow,” Lip said.
Johnny Two-cakes had connected the many dots by using of all things, old newspapers. He’d gotten them on loan from NSA’s archives. Even still, it was impossible to determine the full scope of what was going on. It was too far reaching. There were too many incredible connections he was seeing. The upcoming presidential election, the voting machines and possible tampering…
In the end, even with all the damning information he showed the NSA, the Director didn’t buy it. It was too fantastic, too incredibly improbable. Perhaps she was gun shy; it was hard to say. She’d recently been embarrassed with an intelligence fiasco and perhaps she didn’t want to go to the President with anything less than a sure thing. Whatever the reason, she demanded Johnny Two-cakes furnish something more concrete than the content he was providing. A way to validate these over-the-top charges that Johnny Two-cakes was bringing to light.
Johnny Two-cakes had managed, with some difficulty he might add, to get the nod to make an unofficial visit to Shanghai to obtain just the sort of confirmation she was demanding.
“And I did find it,” Johnny Two-cakes. “At least enough to confirm some of the material. I sent it back to the NSA using our encrypted protocols. But I heard nothing in response.”
“Nothing?” Lip said.
“That’s right,” Johnny Two-cakes said. “Not a peep. Either the protocols are compromised, or individuals within the NSA have been compromised. Either way, our communications have been severed. Gentlemen, as I said, I haven’t been upfront with you. The crux of it is, is that we have no green light. This is not a sanctioned operation. But inaction at this point is simply not acceptable, and an opportunity like this may not come again. Mei’s team is aligned with us. If we strike now, we can accomplish several aims. Take out the Black Widow, hamstring the Politburo’s ability to oppress their people, and lastly and perhaps most importantly, prevent certain actions that unchecked have the capability of triggering World War III.”