Trojan Horse (14 page)

Read Trojan Horse Online

Authors: Mark Russinovich

BOOK: Trojan Horse
4.58Mb size Format: txt, pdf, ePub

As a consequence, Feng had a team working feverishly on a comprehensive counter for the new Stuxnet strain they’d detected in the systems, which went to the heart of the worm. This counter could be patched into the fresh network to keep it free from infection. He believed they nearly had it, that this new megapatch would suppress any Stuxnet variation, though nothing was certain. Feng had wanted this patch to be in place before the UNOG Trojan was employed as its discovery would likely speed up deployment of the new Stuxnet variant before it was implanted. But he’d been assured the UNOG software would not be detected and had gone ahead; then the software had been disclosed by orders from Beijing and the incompetence of his own people.

The one thing certain in all this, and the cause of Feng’s great unease, was that if things went wrong he would take the blame.

At the UNOG team work area, Feng approached the supervisor. “Tell me.”

The young man looked up, startled by his superior’s unexpected presence. “Someone is conducting a forensic examination on the principal target computer in Geneva.”

A rush of acid bathed Feng’s gut. “That is unfortunate.” But to be expected, he thought. “Has he found our plant?”

“I can’t say for certain. We’re not able to follow his movements.”

“Continue to monitor his work, but put a team on UNOG’s recent communications and learn his identity. That is priority. You are to provide me with an update every hour until you have that. Also, inform me of just how much he has learned if possible.”

“Yes, sir. The target sent an e-mail informing a colleague a cyber-expert was arriving from London, an American apparently. Someone disconnected the computer about the time he was scheduled to arrive so we’ve been blind. We’ll remain on this and work our other sources.”

Feng placed his hand on the young man’s shoulder. “I know you will do your best. Put a team on the identity. That is crucial at this point.”

Feng went to the elevators and returned to his office. If the forensic investigator was good enough he just might find their plant. They’d hidden it well, cleverly, but it existed in that computer. The cloaking they’d given it might be discovered despite the assurances of his people. He needed to stop this man at once. And for that he required a photograph and a name.

In his office, Feng sat at his desk and promptly lit another cigarette as he considered how to proceed. He glanced out the window and scanned the skyline of Urumqi, taking in the snowcapped Tianshan mountain range. Winter was passing yet the mountains were still clothed in a glowing white. Below was the usual urban haze, the pollution associated with progress throughout China.

Feng was from Kunming in Yunnan Province in southern China, just touching Vietnam. Known as the City of Eternal Spring he’d not fully appreciated its magnificent climate until he’d been posted to Urumqi. Despite its majestic view of the mountains and its historic location as one of the principal cities of the old Silk Road, this was an arid region, with long dry winters and long, even dryer summers.

Feng longed to be home in beautiful Yunnan. Except for his wife and son, all his family were there. But leaving all that was the price he’d paid to ambition. He was not alone in that regard. Nearly every man of today’s China was required to give up a part of himself for advancement. There was no turning back now.

He glanced at his coffee mug and wondered just when it was he’d given up the wonderful teas of his youth. At some point he’d given in to the preferred drink of the West. Everyone in his generation on the rise had, he believed. Like American cars, coffee was a badge of personal progress.

Feng understood that the People’s Liberation Army Cyber Warfare Center had been located here to remove it from prying eyes. Urumqi was tucked away in a corner of largely desolate western China. No foreigner could come here without attracting attention. Few in China, and fewer still abroad, understood that this was the nerve center of China’s ongoing cyber war against the West.

In his view, one shared by the general staff and party leaders, what took place within these walls was on par with China’s nuclear capability. In many ways it was superior, in Feng’s opinion, as China could always deny it existed. Deniability was the cornerstone of everything his team did.

But not all of China’s cyber warfare effort was under his control and that was a constant source of irritation. He’d argued repeatedly against the current approach, pointing out the inherent inefficiencies, misguided attacks, poor training, and overlapping efforts. More than once his team had penetrated a U.S. government computer with absolute stealth only to discover poorly written code implanted by another Chinese operation, one certain to be detected. And once alerted the IT team would find his as well. Worse, those other operations were not nearly as careful about not leaving behind trails back to China.

In the beginning, before the PLA fully appreciated cyber warfare’s potential and launched its own program here, the military had encouraged private hackers to attack the West. This was much like the old system of privateers the French and British had used in time of war, when civilian ships were given letters of marque, authorizing them to prey on the enemy’s merchant ships. The idea was to unleash against the West the potential of thousands of young Chinese, then glean the benefits.

These were the so-called Patriotic Hackers. They were freebooters authorized to be destructive, to spread malware throughout the West. No one knew what they did, really, and most of it in Feng’s view was a waste of time.

Malware was now openly sold in Chinese Web sites. Companies marketing it even offered an end-user license agreement and twenty-four-hour support services. Cutting edge exploits were commonly available. In some cases, buyers could carefully customize malware to fit their particular needs. A new hacker could specify if he wanted his malware to log keystrokes, to capture remote screens, to steal financial data, to remotely control a system, or some other undertaking. Sophisticated malware was sold off the digital shelf for as little as twenty dollars.

Feng had complained about such blatant marketing and had been told there was nothing to be done about it, that such activities were part of the price China paid for a more open economic system. But he’d not accepted the explanation. Someone, somewhere within the government he was certain, was pursuing this course to make it easier for the Patriotic Hackers.

The PLA made its first tentative move toward control when it organized Information Warfare Militia units. These were comprised of students, scientists, and IT professionals in research institutes, IT firms, university computer science departments, and even private computer clubs in China. Since inception they had developed a relatively mature cyber network in the West.

These groups were incredibly careless in Feng’s view. He’d spoken against them repeatedly. They maintained online journals were they openly discussed what they did. They had forums where they bragged about every penetration or new virus they’d created. True, they stole data, launched denial-of-service attacks, created digital havoc. All the while, they left evidence behind and failed to close the digital door too often, letting the Americans trace their penetration right back to China itself.

Not much came of that, of course. The Americans would complain, the Chinese would express shock that some of their young people would do such a thing and would promise to look into it. That was all. But it served to keep the Americans on their toes and it obstructed Feng’s more productive efforts far too often.

Though Feng had demonstrated repeatedly that such an approach was now outdated, it continued. At the least, the Information Warfare Militia units should have been abolished when his center was created. Feng had argued, with some success, that they had to be controlled. In a time of emergency they might attack the wrong targets or overreact. He’d been listened to, but not enough. There’d been changes, but they were insufficient.

Feng lit another cigarette and took in the mountain view again. The problem with this location were the Muslims, who comprised a quarter of the local population. The largest group, the Uyghurs, had taken to rioting in recent years, demanding increased rights, even independence from China. Feng had no doubt agitators were stirring them up. More than two hundred had been killed in the most recent demonstrations, many more simply disappeared.

Feng couldn’t look at a mosque, hear the call to prayer, or see a Uyghur in ethnic dress without feeling a wave of disgust. These people were Chinese, why didn’t they act like it?

At forty-three years of age, with short cropped graying hair and a slight paunch, Feng felt he was at the height of his competence. He was a short man at five feet six inches, not unusual for his generation but still below the average. These young men, he noticed, were tall and lean, with that healthy glow Feng wished he possessed. This was especially the case with those who’d lived and studied in the United States.

We’re making a new China,
he often thought when regarding them,
one complete with a new man.

He sighed. Despite his efforts against Stuxnet, his penetration of the American power grid, and his success with the United Nations, the American DOD remained his primary target—that and its extensive network of vendors. The Americans were still surprisingly lax with computer security but there were areas his very best people had been unable to reach. His superiors were becoming more and more insistent that he gain access. The Americans might wake up someday, that was always possible, but he was certain that by then he’d have gutted the DOD.

As for the UNOG penetration, he knew he couldn’t keep the failures of his own people a secret. There were plants among his staff. Beijing would learn of his failure. His stomach burned and he reached for an antacid.

His computer chimed. He clicked on the message and there was a photograph and a name, followed by a detailed biography of the man. He copied the material, then alerted the necessary people and made his request.

Feng sat back and lit another cigarette as he waited for his stomach to calm. All that work and then this guy comes along. He shook his head. Life just wasn’t fair.

15
 

PRAGUE 3, CZECH REPUBLIC

TABORITSKA 5

1:43 P.M. CET

 

A
hmed skipped class that morning. He was too tired to feign interest.

The blond Czech girl had exceeded his expectations in bed. He consistently found these Western women to be amazing. The only part of the experience he’d found unpleasant was discovering the large tattoo across her lower back bearing the name of an old boyfriend. Why did these women insist on marking themselves? And with a throwaway relationship? It was disgusting.

He showered, bundled the sheets and clothing to be washed later, then made breakfast. He lit his first cigarette of the day as he opened his net-book. He browsed several minutes, then promptly at 2:00 p.m. went to a Web site he entered from memory. It was down. He waited, then refreshed his browser. Still down. He waited a full minute this time, then refreshed again. There it was.

A porn site. He liked the pictures. He wanted to meet the man behind them someday as their taste was identical. But he wasn’t here for that. In the lower left-hand corner of the page was a small link in the form of a pulsating green ball. He clicked and it took him to a forum, or rather what was laid out like a forum. He hit his print tab and a small, fast printer clicked to life. In less than a minute, the forum was in hard copy. As he started to back out of the page to take another look at the pictures the Web site went down. He’d just made it.

Ahmed turned off the printer and computer, removed the pages, and moved to the small table to analyze them. He glanced at the calendar. It was the fourth month in the cycle so he went to the fourth entry on the forum. It was the eighth day. He went down eight lines. The line read, “. . . real? I think the babes are hot, hot, hot. I think you should post at least six new photos every . . .”

The number then was “six.” He moved his finger to the bottom of the forum, then carefully counted up six lines. He read, “. . . set up with phones for talk. I’d love to spend five hot minutes with . . .”

Phone. He straightened. Now that was something. He’d never been ordered to phone before—never.

Ahmed dressed, taking time to look good, pocketed cash from his dresser, retrieved a fresh pack of cigarettes, slung his backpack over his shoulder, then went for a walk. He stopped once for a coffee and studied the foot traffic from the way he’d come and spotted nothing. He went to a marketplace, wandered aimlessly, twice checking surreptitiously by pausing at windows and using their reflection. He emerged on the far side, then sat for more coffee and a cigarette. Again, he saw no familiar faces.

He’d expected none. He’d done nothing to attract interest since coming to Prague. He’d been very careful. Next, he took several short back streets, stopping again at a coffee shop he’d never been to for a sweet roll. He sat and ate, scanned back the way he’d come. He lit a cigarette and watched. Nothing.

Such caution had been ingrained in him before coming to Prague and Hamid reminded him during every visit to keep his guard up. The Crusader was everywhere and no one could be trusted. Not that there was anything special about him to attract attention. He went to his classes and was an attentive student. To the extent possible, he made his trips over long weekends in what would be the normal pattern for a student. He still visited some of the trendy nightclubs, especially when Saliha was out of town. It was best to appear secular.

Other books

The Incredible Tide by Alexander Key
Aurora by Julie Bertagna
Carry the Light by Delia Parr
Curves on the Topless Beach by Cassandra Zara
The Bourne Retribution by Eric van Lustbader