Trojan Horse

by Russinovich, Mark


  Today, Feng took the interior fire-escape stairs and emerged on the third floor. He was preoccupied with cyber operations and that meant this floor. Here, dedicated teams conducted widespread and often very specific information gathering from thousands of crucial targets. Whenever an area vital to China’s interest was involved, a team learned everything they could about those involved. In this increasingly digital world, that was often a great deal indeed. Most helpful had been the development of a Trojan they’d implanted in various telephone networks, giving them access to the in-house tracking of individual numbers. The networks did this routinely to assist them in determining service demand at specific locales.

  There were, however, two immediate cyber operations about which Feng was most concerned. Four days earlier, he’d watched an elite team conduct a test of their system implanted in the WAyk5-7863 power grid located in the eastern portion of the state of Washington in America. The Trojan had been meticulously placed there the previous month. His team had run tests until it was certain the malware would work as intended.

  This was the most sophisticated power grid Trojan China had ever developed, and was key to Feng’s long-term strategy. Its potential was so enormous that he had not breathed a word of its existence to anyone in authority. He had to be certain it did what he was promised, then it had to be meticulously insinuated into the entire American grid system.

  Feng’s work was much like defending against a terrorist attack, he often thought. No matter how many times a nation successfully thwarted such an attack, the terrorists only had to succeed once. In his case, no matter how long his Trojans loitered in the targeted computers, or how successful his mission, he only had to be uncovered once. Then the tree would fall, as his grandmother had often told him, and the monkeys would scatter.

  Feng often cautioned his young geniuses to be careful. Youth was impetuous, he knew. Reining in such passions totally was all but certain to be impossible. Mistakes would happen, they had in fact already happened, but none had as yet come back to them. He was satisfied the carefully crafted and planted Trojan would not be detected. So much malware, from any number of sources, already permeated the grid’s software that his in effect hid amid the trash. Through this technique they’d managed to hide and cover their trail, to muddy the waters so to speak, leaving responsibility pointed elsewhere if it came to that.

  Or so he hoped.

  Feng had selected the hour after midnight in his targeted area for the actual test, a time when the consequences would be minimal. He wanted nothing dramatic to happen. For that reason the test had to be short.

  It lasted just fourteen minutes. And the effect had been as comprehensive as Feng had been assured. Yakima and the surrounding region had been plunged into darkness. In crucial areas backup systems had sprung to life but in many cases these had been poorly maintained or untested and they’d failed at the crucial moment.

  Feng had been delighted, especially when shown a satellite image of the area, a black blot surrounded by pinpoints of light. Then the reports of deaths and accidents had come in. A train stranded by the power failure had been rear-ended by another. The loss of life was scant as these were freight trains but entire cars had plunged into a canyon. An engineer and four others were killed. And there’d been a hospital death, a patient who died during surgery when the power was extinguished. There’d also been auto collisions, people trapped in elevators—all the things he’d expected. And so far there was not the slightest suspicion that the Chinese had done it.

  There was, as well, his UNOG penetration. For more than a year another special unit had labored to crack cyber-security at the United Nations. That itself had not been so difficult, as well as planting the various malware they required for their project. Handling it all with delicacy though demanded great care and restraint. Planning when and where to act was even more daunting.

  They were now reproducing the keystrokes of dozens of UN officials and recently, through the use of an amazing bit of word-processing code, had begun to access their files directly. With this information they’d slowly determined the central players.

  Now, the latest variation allowed his people to alter files. Just as significantly the digital signature could be delayed and set in place after the revised document was ready. He’d reported this development of necessity, cautioning it should not be used carelessly. Given time his people could cause enormous damage to the United Nations but he was limited in how fast he could perform such work.

  Then, with this program barely underway, he’d been ordered to modify the Iran nuclear report. Feng had balked, pointing out that the deception would be discovered at once and his long-term plans thwarted. Though his best people were busy modifying documents within the UN computers in Geneva and New York, they had not yet achieved the desired penetration because he lacked sufficiently skilled technicians able to express themselves in the proper English.

  But his objections had been overruled. Someone wanted to delay any military action against Iran, to give them just a bit more time to detonate their first nuclear bomb. Iran had assured them it was imminent. Feng knew better and told his superiors the reality as he understood it. While the Iranians were close they were still hampered by their infected computers. In some cases they’d been reduced to handling issues by hand on a whiteboard. If they could inoculate their computer system from this Stuxnet pestilence the final steps could be accomplished in a few short weeks. As it was . . .

  Feng still burned at the thought of the error left in the latest variation of the code they’d embedded in UNOG. When it had followed the path to London it had not worked. A flaw in the exploit code had caused OfficeWorks to crash. That should never have happened. On top of it, they had sent the malware with the altered document. They should have sent it in an unaltered file to avoid drawing attention. Now, the entire project was in jeopardy. Those bright kids had failed.

  His protestations to his superiors about employing the software in such an obvious manner were pointless, he realized. The botched work by his team had led to early detection regardless. He’d have to find out who’d made the mistake; Feng’s instructions had been specific.

  He just wished he’d had a little more time. Iran’s nuclear program had been brought to a virtual standstill by this Stuxnet worm. His people had devised, then he’d dispatched in stages, countering software to Iran as quickly as it could be developed, and while it had slowed the damage Stuxnet caused, it had not stopped it. The worm was constantly morphing, altering its approach, infecting operational parts of equipment by planting itself within the control computers.

  The most frustrating part of the process had been the refusal of those above to allow his team to send these patches digitally. He’d assured them time and again that there were secure e-mail routes or ways to download from the Internet that would never trace back to China. But the role his operation played in assisting Iran was considered highly sensitive, one in which plausible deniability was the paramount consideration. Because of the need for speed he’d persuaded them to allow the first step in transmitting the patches to be electronic. After that a courier, a mule, was used. It added two to three days to the transfer time but Feng had been told the decision was final.

  Feng was worried. New versions of Stuxnet were periodically released and he was certain that another had been designed to reinfect any untainted new computers. Only Feng’s software could prevent it. And this needless, senseless, delay of two or three days to give some aging party official a bit of ease only increased the likelihood that an exploit would be implanted. The last version of Stuxnet had been more destructive than the first. He didn’t want to think about what was to come. Despite the best efforts of the Iranians, the strains managed to find a way in.

  Iran’s program had already been so damaged and delayed the country had taken the unprecedented step of replacing thirty thousand computers to get a fresh start. Feng had cautioned against this approach before his work on Stuxnet had reached a more developed stage but the Iranians were paranoid about the “air gap” again being penetrated as it had previously been by thumb drives. They refused to wait, convinced they’d solved the problem on their own with stricter precautions.

  As a consequence, Feng had a team working feverishly on a comprehensive counter for the new Stuxnet strain they’d detected in the systems, which went to the heart of the worm. This counter could be patched into the fresh network to keep it free from infection. He believed they nearly had it, that this new megapatch would suppress any Stuxnet variation, though nothing was certain. Feng had wanted this patch to be in place before the UNOG Trojan was employed as its discovery would likely speed up deployment of the new Stuxnet variant before it was implanted. But he’d been assured the UNOG software would not be detected and had gone ahead; then the software had been disclosed by orders from Beijing and the incompetence of his own people.

  The one thing certain in all this, and the cause of Feng’s great unease, was that if things went wrong he would take the blame.

  At the UNOG team work area, Feng approached the supervisor. “Tell me.”

  The young man looked up, startled by his superior’s unexpected presence. “Someone is conducting a forensic examination on the principal target computer in Geneva.”

  A rush of acid bathed Feng’s gut. “That is unfortunate.” But to be expected, he thought. “Has he found our plant?”

  “I can’t say for certain. We’re not able to follow his movements.”

  “Continue to monitor his work, but put a team on UNOG’s recent communications and learn his identity. That is priority. You are to provide me with an update every hour until you have that. Also, inform me of just how much he has learned if possible.”

  “Yes, sir. The target sent an e-mail informing a colleague a cyber-expert was arriving from London, an American apparently. Someone disconnected the computer about the time he was scheduled to arrive so we’ve been blind. We’ll remain on this and work our other sources.”

  Feng placed his hand on the young man’s shoulder. “I know you will do your best. Put a team on the identity. That is crucial at this point.”

  Feng went to the elevators and returned to his office. If the forensic investigator was good enough he just might find their plant. They’d hidden it well, cleverly, but it existed in that computer. The cloaking they’d given it might be discovered despite the assurances of his people. He needed to stop this man at once. And for that he required a photograph and a name.

  In his office, Feng sat at his desk and promptly lit another cigarette as he considered how to proceed. He glanced out the window and scanned the skyline of Urumqi, taking in the snowcapped Tianshan mountain range. Winter was passing yet the mountains were still clothed in a glowing white. Below was the usual urban haze, the pollution associated with progress throughout China.

  Feng was from Kunming in Yunnan Province in southern China, just touching Vietnam. Known as the City of Eternal Spring he’d not fully appreciated its magnificent climate until he’d been posted to Urumqi. Despite its majestic view of the mountains and its historic location as one of the principal cities of the old Silk Road, this was an arid region, with long dry winters and long, even dryer summers.

  Feng longed to be home in beautiful Yunnan. Except for his wife and son, all his family were there. But leaving all that was the price he’d paid to ambition. He was not alone in that regard. Nearly every man of today’s China was required to give up a part of himself for advancement. There was no turning back now.

  He glanced at his coffee mug and wondered just when it was he’d given up the wonderful teas of his youth. At some point he’d given in to the preferred drink of the West. Everyone in his generation on the rise had, he believed. Like American cars, coffee was a badge of personal progress.

  Feng understood that the People’s Liberation Army Cyber Warfare Center had been located here to remove it from prying eyes. Urumqi was tucked away in a corner of largely desolate western China. No foreigner could come here without attracting attention. Few in China, and fewer still abroad, understood that this was the nerve center of China’s ongoing cyber war against the West.

  In his view, one shared by the general staff and party leaders, what took place within these walls was on par with China’s nuclear capability. In many ways it was superior, in Feng’s opinion, as China could always deny it existed. Deniability was the cornerstone of everything his team did.

  But not all of China’s cyber warfare effort was under his control and that was a constant source of irritation. He’d argued repeatedly against the current approach, pointing out the inherent inefficiencies, misguided attacks, poor training, and overlapping efforts. More than once his team had penetrated a U.S. government computer with absolute stealth only to discover poorly written code implanted by another Chinese operation, one certain to be detected. And once alerted the IT team would find his as well. Worse, those other operations were not nearly as careful about not leaving behind trails back to China.

  In the beginning, before the PLA fully appreciated cyber warfare’s potential and launched its own program here, the military had encouraged private hackers to attack the West. This was much like the old system of privateers the French and British had used in time of war, when civilian ships were given letters of marque, authorizing them to prey on the enemy’s merchant ships. The idea was to unleash against the West the potential of thousands of young Chinese, then glean the benefits.

  These were the so-called Patriotic Hackers. They were freebooters authorized to be destructive, to spread malware throughout the West. No one knew what they did, really, and most of it in Feng’s view was a waste of time.

  Malware was now openly sold in Chinese Web sites. Companies marketing it even offered an end-user license agreement and twenty-four-hour support services. Cutting edge exploits were commonly available. In some cases, buyers could carefully customize malware to fit their particular needs. A new hacker could specify if he wanted his malware to log keystrokes, to capture remote screens, to steal financial data, to remotely control a system, or some other undertaking. Sophisticated malware was sold off the digital shelf for as little as twenty dollars.

  Feng had complained about such blatant marketing and had been told there was nothing to be done about it, that such activities were part of the price China paid for a more open economic system. But he’d not accepted the explanation. Someone, somewhere within the government he was certain, was pursuing this course to make it easier for the Patriotic Hackers.

  The PLA made its first tentative move toward control when it organized Information Warfare Militia units. These were comprised of students, scientists, and IT professionals in research institutes, IT firms, university computer science departments, and even private computer clubs in China. Since inception they had developed a relatively mature cyber network in the West.

  These groups were incredibly careless in Feng’s view. He’d spoken against them repeatedly. They maintained online journals where they openly discussed what they did. They had forums where they bragged about every penetration or new virus they’d created. True, they stole data, launched denial-of-service attacks, created digital havoc. All the while, they left evidence behind and failed to close the digital door too often, letting the Americans trace their penetration right back to China itself.

  Not much came of that, of course. The Americans would complain, the Chinese would express shock that some of their young people would do such a thing and would promise to look into it. That was all. But it served to keep the Americans on their toes and it obstructed Feng’s more productive efforts far too often.

  Though Feng had demonstrated repeatedly that such an approach was now outdated, it continued. At the least, the Information Warfare Militia units should have been abolished when his center was created. Feng had argued, with some success, that they had to be controlled. In a time of emergency they might attack the wrong targets or overreact. He’d been listened to, but not enough. There’d been changes, but they were insufficient.

  Feng lit another cigarette and took in the mountain view again. The problem with this location were the Muslims, who comprised a quarter of the local population. The largest group, the Uyghurs, had taken to rioting in recent years, demanding increased rights, even independence from China. Feng had no doubt agitators were stirring them up. More than two hundred had been killed in the most recent demonstrations, many more simply disappeared.

  Feng couldn’t look at a mosque, hear the call to prayer, or see a Uyghur in ethnic dress without feeling a wave of disgust. These people were Chinese, why didn’t they act like it?

  At forty-three years of age, with short cropped graying hair and a slight paunch, Feng felt he was at the height of his competence. He was a short man at five feet six inches, not unusual for his generation but still below the average. These young men, he noticed, were tall and lean, with that healthy glow Feng wished he possessed. This was especially the case with those who’d lived and studied in the United States.

  We’re making a new China, he often thought when regarding them, one complete with a new man.

  He sighed. Despite his efforts against Stuxnet, his penetration of the American power grid, and his success with the United Nations, the American DOD remained his primary target—that and its extensive network of vendors. The Americans were still surprisingly lax with computer security but there were areas his very best people had been unable to reach. His superiors were becoming more and more insistent that he gain access. The Americans might wake up someday, that was always possible, but he was certain that by then he’d have gutted the DOD.

 
