Authors: Spencer Adams
Tags: #pulp, #military, #spy, #technothriller, #north korea
CHAPTER 21
WEDNESDAY
Langley, Virginia
Sara sat in conference room C. She just
received a call from building security downstairs saying her
visitors were coming up. It had taken about 40 minutes for Mark to
get to Langley, and Sara was tired from pacing around in her
office. Sara’s stomach had been doing somersaults as she imagined
what Mark had to say.
Why was the NSA about to call us?
She had marched to the command room and told
Anderson that someone from the NSA was coming with important
intelligence. She wanted him to hear whatever Mark knew. She
replayed in her mind how Anderson stared at her when she had told
him. His eyes looked like a thousand thoughts were scrolling behind
them. After a pause, he had told her in a measured tone “Call me
when he’s here.”
Now, sitting in the conference room, the
seconds felt like hours as Sara waited for Mark to come into the
room. She looked through the window. Outside, past the parking lot,
Sara spotted a black swan in a small pond. She had never seen one
before.
Suddenly the door opened. A man walked in.
He was actually somewhere between a teenager and a man. He looked
like he was 20, but was probably 25 or 26, Sara thought. He had
medium length blond hair and was wearing a button-down with slacks.
He did not wear glasses and looked relatively fit to Sara. He had a
runner-type fit, where he was lean and looked like he could run to
Washington DC from Langley and quickly catch his breath when
arriving.
Behind the young blond man was another,
similarly young man. Maybe it’s his analyst, Sara assessed. The
second young man had light brown hair, combed neatly, and had a
thicker build. He looked like he lifted weights. He was also in a
button-down and slacks. He did not wear glasses either.
The blond man stepped towards her. “Hi,
Sara. I’m Mark Aubrey. This is one of the analysts on my team,
J.D.” Sara shook their hands.
Sara stared at them for a moment longer than
felt comfortable.
Are these the right
people? They don’t…look…like computer people
.
Sara had expected to see someone nerdier. Is
that not how most math or computer science wunderkinds looked?
These two looked surprisingly normal, and she was taken aback.
They both had the same
facial expression. Their eyelids and eyebrows looked droopy and
their mouths had no expression at all. This made them look as if
they did not care about anything at all. Or maybe it was a look
that said, “I’ve forgotten more than most people ever knew.” Sara
did not like it. But something about it was attractive, she
thought.
What a strange contradiction.
What do you call that?
J.D. methodically put his bag on the table
and started pulling out a laptop. Mark asked, “Is there anyone else
joining us?”
“
Yes. Let me call my boss.”
Sara replied.
Sara picked up the phone in the conference
room and called the Command Room. She was passed to Anderson. After
a quick “they’re here,” she put the phone down. In what seemed like
no time, the conference room door opened. Anderson walked in, his
hand extended towards the NSA analysts. “Hi. Nice to meet you. John
Anderson,” he said, his face failing to hide his surprise at
meeting someone who looked rather young.
“
Hi, John. I’m Mark
Aubrey.” They shook hands.
“
I’m J.D. I work with
Mark.”
After Anderson, Matt came in and introduced
himself. Sara was glad to see him. At least he probably spoke the
same language as these NSA people, she thought.
“
Guys, I’m sorry” Anderson
started “But I only have two minutes. We have something going on in
the other room. What is it that you wanted to tell us?”
Mark got going right away. “Last week, we
noticed that a routine message we had sent to one of our embassies
over the Internet had, for some reason, rerouted through China
before it arrived at the embassy. We had attached a tracer, or a
piece of code that sends us back its trip information after an
email is received. When we started looking into it, we noticed that
there were other emails being rerouted this way. Not a lot—“
“
We estimate about 5% of
the NSA’s international emails” J.D. added.
“
But what we also noticed
as we started looking wider was that other government messages and
emails were being rerouted this way.”
Sara could feel her heart rate gradually
increase, as if Mark was turning up a dial while speaking. Anderson
was looking at Mark with ever increasing concern.
Mark continued, “We eventually noticed that
there was a small percent of CIA messages being rerouted this way
as well. But what was disconcerting was that almost all of the
messages being sent through the secure Defense Message System, or
DMS, to the military were being rerouted through China. Luckily
since we started watching earlier this week, the CIA has not sent
too many messages to the military on the DMS. But you were one of
the few who did.” He looked at Matt and Sara. His last sentence
sounded like a sledgehammer hitting a wall.
Mark continued, “You sent a message on
Monday morning to Pacific Command, correct? It went through a city
in China called Wuhan before getting to Pacific Command.”
“
So what does that mean?”
Anderson jumped in.
“
We believe we, and you,
are victims of what’s known as a ‘Man-in-the-Middle attack’. We
call it MIM”
“
What does that mean.” Sara
asked.
“
I don’t understand” Matt
said, “The DMS is an encrypted system.”
J.D. walked towards the whiteboard in the
room and grabbed a marker.
“
Can I use this quickly?”
he asked, “Let’s take a typical messaging system, like email. Let’s
say Alice wants to send a message to Bob.” J.D wrote the name
“Alice” on once side of the board and “Bob” on the
other.
“
Alice wants her message to
be encrypted, or ciphered, so that only Bob will be able to
understand the message. The way they do this is Bob first sends his
key to Alice. This is like a cipher key that gives her instructions
on how to encrypt a message.” He drew an arrow from Bob to Alice
and wrote “Bob’s Key” above it.
“
Then Alice uses that key
to encipher her message and when she’s done, she sends this message
to Bob. This is how email works.” He drew an arrow going from Alice
to Bob with “message” written above it.
“
In this case, if anyone is
able to intercept the message, they will just see the enciphered
version, what we call ciphertext. It will look like nonsense, like
this—“ He started writing what seemed like random letters, five at
a time with spaces in between. Sara looked carefully. J.D. had
written: “RWMUW XTPIY GTSPN PPEZ”
“
And when the message gets
to Bob, he uses his key to decipher the message. He can now read
Alice’s message. The person who intercepted the message did not
know what Alice told Bob. The pictures on the board helped Sara
understand what he had explained.
Then J.D. took a breath and erased all the
arrows he drew.
“
In a MIM attack, a hacker
steps in between Bob and Alice—“ He wrote “Hacker” in between
“Alice” and “Bob” on the whiteboard. “Now let’s say that, again,
Alice wants to send a message to Bob. So she asks Bob to send her
his key. But, this time when Bob sends his key, the Hacker
intercepts it before it gets to Alice.” J.D. now drew an arrow from
“Bob” to “Hacker” and labeled it “Bob’s Key”.
“
The Hacker has Bob’s key.
Now the hacker sends his own key to Alice. Alice thinks that this
is Bob’s key, so she encrypts her message with this key the same
way as before.” He drew an arrow from “Hacker” to “Alice” and
labeled it “Hacker’s Key.”
“
Then she sends the message
to Bob. But—“ he put emphasis on the word “but” as he drew an arrow
from “Alice” to “Hacker”. “But the hacker intercepts this message.
Since the message is encrypted in the hacker’s key, he can decipher
it and read it. Then he can encrypt it with Bob’s key, since he
received it earlier, and send the message to Bob. Bob will decrypt
it with his key and read it.” He now drew an arrow from “Hacker” to
“Bob”.
Now Mark stepped forward, “What can happen
here, is that a hacker can basically read an encrypted message and
send it on to the person it was meant for. He can usually do this
without either the sender or the recipient knowing that he has seen
it. If he is good, he can do this without installing any permanent
malware on either victim’s computers.”
Anderson was looking at them with his mouth
hanging open. Sara was pretty sure hers was open as well. Her
stomach felt like a pot full of boiling water. For some reason she
visualized Tom, with his strong facial features and clean shave,
tied to a chair with North Koreans yelling at him. She pushed the
thought out of her mind.
Mark continued, “We did not read the message
you sent. We just followed the traffic, so we are not sure what you
guys have going on. But you should know that as we were looking
into this yesterday, we discovered that your message to PACOM went
not just through Wuhan, China. It went through a military base. A
group of people that work there saw your message. We actually have
had to deal with that group before. They are a cyberwarfare unit in
the People’s Liberation Army. They are the Chinese military’s
hacking unit. We even know the person that intercepted your
message. We’ve had to deal with him before too. We don’t know who
he is, we just know him by his handle, or his username. He’s known
as ‘SLOTHMAN’. Using our own— methods—“ Mark looked at J.D., “we
understand that as soon as SLOTHMAN saw your message, he placed a
call to the man we assess to be his boss – the head of that
Cyberwarfare unit. We don’t know who he is yet. He’s a mysterious
figure. His handle is NATPAC.”