you-books.com
Book menu
  1. Andrew W Mitchell
  2. Supervirus
  3. Supervirus_split_027.html
Prev Next

ALERT AT JOINT FORCES COMMAND

Near Denver, Colorado

Earlier that day

It was before dawn and General Jose Carrillo was on his way to the base. So much for holiday vacation. At least it was after Christmas. And hopefully it would be taken care of by New Year's. But the closer he got to the base, the more Carrillo started to feel he was dealing with a challenge beyond his abilities. It started with the coffee.

It was tough being away from his family so often. Yet his family was precisely the reason he worked so hard. He pondered this riddle every day: mothers and fathers toil away to raise and protect their children, who grow up and repeat the cycle.

He pulled out of the driveway. He thought of a moment the day before, when he had been in his cozy den, basking in the warm afterglow of Christmas with his family. His wife was snuggled in blankets, napping on the sofa. Carrillo sat next to her. Carrillo's octogenarian mother rocked silently in a chair by the fire. His youngest son -- who, at seven, was by far his youngest child and a feat of biology to be Carrillo's son at their ages -- rolled in pajamas at her feet. She asked him in a highly accented English, Tell me, Joey Carrillo, what are you going to be when you grow up? And he said, I'm not sure... maybe a herpetologist? And Carrillo and his mother looked at each other and laughed. They didn't know what a herpetologist was. And what's that, Joey? she asked. Oh, that's someone who studies reptiles and amphibians.

He smiled as he drove. Joey already knew things that he didn't. Carrillo got wiser with age, but the younger generation grew up smarter, and he was left protecting a world that was changing under his feet, one that he couldn't fully understand anymore. It was difficult, but it was the only way.

His thoughts drifted to the purpose of his drive. He had the entire drive to think about what they had told him on the phone. What had they told him on the phone? He reached for his coffee thermos to wake himself up.

There was no thermos. He looked down from the wheel: no thermos. He had forgotten to bring it with him. Did I make coffee this morning? he asked himself.

A chill went up his spine. He couldn't remember. He could remember getting the phone call, showering quickly, putting on his uniform, running downstairs... He knew he had walked through the kitchen. And he made coffee every morning. But he simply couldn't remember whether he had taken the time -- at least a minute -- to make coffee ten minutes ago.

The more he tried to remember, and couldn't remember, the more panicked he became. Sweat broke out on his brow. It was the second time this month that he had forgotten his thermos this way. Am I losing my memory? He was beginning to suspect that he was. He was a little young for his memory to start failing him, but it had to happen sooner or later. He hadn't told anyone about it.

He focused on the road. Keep your cool, General. No one cares whether you made coffee. There is coffee at the base. Now let's think about that attack. He remembered everything they had told him about the attack.

This attack was unusual. The computer network of the U.S. Department of Defense was under attack. That was nothing new. Thousands of attacks occurred against the DoD network on a continuous basis, of all imaginable shapes and sizes, from all corners of the globe. The number of attacks originating from China alone on a given day was mind-boggling.

And many of the attacks, such as the one that was bringing him to the base, were able to get into the Defense computer network, at least partway. That was nothing new either. Securing the Defense network was an ongoing race -- a race that the defenders inevitably lost sometimes. New vulnerabilities in Microsoft Windows and Unix systems were discovered on a daily basis. Whenever that happened, hackers around the globe started launching attacks to exploit and explore the new vulnerability. Meanwhile, the DoD, Microsoft, and the open source computing community developed patches to be installed on computers and remove the vulnerabilities. It was a race, between the patch and the attack, and sometimes the attack got there before the patch.

Carrillo pulled up at the JFCOM compound, and showed his ID at the checkpoint.

"Thank you, sir."

He parked his Jeep, headed in, and was briefed.

"This is crazy," he said. "The attacks are originating from America?"

"That is correct, sir. We have identified a small number of IP addresses from which the attacks are originating."

"That makes no sense," he mused. "Why would such a good attacker leave an obvious trace like this? We're going to have them in no time."

Most probably, the attackers were actually located outside the U.S. and hijacking computers in the U.S. to launch attacks from those computers. But a skilled attacker would at least cover his tracks better by using more IP addresses, minimizing his visibility and making it harder to trace the attacks back to his real location.

"Yes, probably, sir. If he stays put long enough."

"Is he that fast?"

His briefer hesitated. "The attacks used a variety of exploits. Some of them little-known. And they came rapidly. I personally don't think I've ever seen an attack this good."

"But he hasn't hit any mission-critical systems?" The Department of Defense layered and compartmentalized its defenses, with the so-called Defense in Depth strategy, so attackers had to breach many layers of defense to get to critical systems.

"No, sir. Our intrusion detection systems identified attacks between 0500 and 0530 hours and then they stopped."

"So what's the point?" He paused. "Could this be a script kiddie?" A kid with an unusual skill for hacking.

"Frankly, sir, script kids usually have only one exploit at a time."

"Right. It looks like recon. For a big attack on our inner layers. But then why would they let us see them?"

The question hung in the air.

"There is one idea that keeps occurring to me, sir." He coughed. "Someone could be challenging us. A signal."

He held his head in his hand. "Of course. A signal. Or a test." Carrillo got up and started pacing. He pondered the timing of the events. Could a terrorist attack be on the way? It was almost New Year's. The Western New Year, that was. The Chinese New Year came later. "When will we have a location?"

"We're working on it, sir."

Carrillo dismissed him and sat back at his desk.


Who are they and what are they doing, he kept asking himself. Carrillo was waiting for answers. What to make of this strange attacker, who had penetrated their outer systems -- easily -- and then stopped?

He had been making frequent visits to the Control Room, to stay connected to what was going on. But they didn't have a positive ID on the threat, and they didn't work as productively when he was breathing down their necks. So he limited his presence in the Control Room to regular visits, and returned to his office in the meantime and thought and waited.

At the desk he jotted notes and asked himself, Is there a threat here? It was a strange question. The usual questions were: How big is the threat? How much damage has been done? Did it touch critical systems? Where did it come from? What was the motive? Should we consider retaliation, or sending it up the chain for some other reason?

In this case, the question was, Is this an attack? Is it a threat?

The General was a man of intellectual discipline. He was not afraid to ask tough questions. And there was a tough question here. Getting it wrong could hurt the Department, the country, his career, or some combination thereof.

This was when the General, waiting and thinking, giving the Control Room time to come up with something, asked himself a philosophical question. What is an attack? More specifically, Can the power to attack, without a motive, be an attack? Because that was what Carrillo was looking at: the power to attack, without a clear motive and no damage done to date.

The extensive philosophy and terminology of the DoD had an answer to this question: the power to attack, all by itself, was a "threat." The capability to attack is a threat. But that's not what I mean, Carrillo thought, tapping his desk. A threat was something that could happen, but this had already happened.

He decided that there was no choice: when in doubt, you had to consider it an attack. A threat was like a message, or a signal. But if you didn't understand the signal, you were under attack.

His briefer returned in a hurry. "This is worse than we thought, sir. Looking bad. This morning the attacks didn't stop, like we thought. They changed their signature. They -- it -- has been spreading for a while now."

It looked like a computer virus, spreading from computer to computer. But it kept changing, trying different techniques, like a hacker. It looked like a rapidly mutating computer virus. It had spread onto the outermost computers of the Defense network and was moving to more secure networks.

"Is this a program or a human?"

"We don't know, sir. We've never seen an example of either one being able to do this."

"How far?"

"We're not exactly sure, sir. The signature keeps changing. We are working on it. But it's going far, sir. Really far. It's walking through." His voice quivered a little. He was shaking.

"What's it doing on these machines?"

"It's using CPUs and communicating with other infected systems. We're working on it."

"How soon will you have an answer?"

"Hopefully within an hour, but I can't guarantee it."

Carrillo took a deep breath. He had already decided what he had to do. "Let me get this straight. It's walking through the whole network. We're not sure what the extent is. We're not sure where it came from, and we're not sure what it's doing."

"That is correct, sir. We hope to answer some of those questions soon."

"In your opinion, how much damage could this attack cause?"

"Sir, we're not sure of the threat."

"Right. What's the worst case?"

"It could take down large portions of the network."

"You're referring to the Defense network, correct? It could take down large portions of the entire Department of Defense network, Pentagon, CENTCOM."

"Yes, sir. For all we know. We don't know for certain, but it looks quite powerful."

He looked to the side. For all we know was exactly the point, echoing his earlier thoughts. "We're going Code Red. Do you copy?"

There was a pause. "Yes, sir."

"That's Code Red. Give Code Red. I'm calling the Secretary," he said, walking to the corner and picking up a red phone. "He's going to want to know what this is."

"Yes, sir."

"He's going to want to know whether we should alert the President."

"Yes, sir."

"I need a report ASAP. Ten minutes. What it's doing, and where it's coming from."

Prev Next
Supervirus
titlepage.xhtml
jacket.xhtml
Supervirus_split_000.html
Supervirus_split_001.html
Supervirus_split_002.html
Supervirus_split_003.html
Supervirus_split_004.html
Supervirus_split_005.html
Supervirus_split_006.html
Supervirus_split_007.html
Supervirus_split_008.html
Supervirus_split_009.html
Supervirus_split_010.html
Supervirus_split_011.html
Supervirus_split_012.html
Supervirus_split_013.html
Supervirus_split_014.html
Supervirus_split_015.html
Supervirus_split_016.html
Supervirus_split_017.html
Supervirus_split_018.html
Supervirus_split_019.html
Supervirus_split_020.html
Supervirus_split_021.html
Supervirus_split_022.html
Supervirus_split_023.html
Supervirus_split_024.html
Supervirus_split_025.html
Supervirus_split_026.html
Supervirus_split_027.html
Supervirus_split_028.html
Supervirus_split_029.html
Supervirus_split_030.html
Supervirus_split_031.html
Supervirus_split_032.html
Supervirus_split_033.html
Supervirus_split_034.html
Supervirus_split_035.html
Supervirus_split_036.html
Supervirus_split_037.html
Supervirus_split_038.html
Supervirus_split_039.html
Supervirus_split_040.html
Supervirus_split_041.html
Supervirus_split_042.html
Supervirus_split_043.html
Supervirus_split_044.html
Supervirus_split_045.html
Supervirus_split_046.html
Supervirus_split_047.html
Supervirus_split_048.html
Supervirus_split_049.html
Supervirus_split_050.html
Supervirus_split_051.html
Supervirus_split_052.html
Supervirus_split_053.html
Supervirus_split_054.html
Supervirus_split_055.html
Supervirus_split_056.html
Supervirus_split_057.html
Supervirus_split_058.html
Supervirus_split_059.html
Supervirus_split_060.html
Supervirus_split_061.html
Supervirus_split_062.html
Supervirus_split_063.html
Supervirus_split_064.html
Supervirus_split_065.html
Supervirus_split_066.html
Supervirus_split_067.html
Supervirus_split_068.html
Supervirus_split_069.html
Supervirus_split_070.html
Supervirus_split_071.html
Supervirus_split_072.html
Supervirus_split_073.html
Supervirus_split_074.html
Supervirus_split_075.html
Supervirus_split_076.html
Supervirus_split_077.html
Supervirus_split_078.html
Supervirus_split_079.html
Supervirus_split_080.html
Supervirus_split_081.html
Supervirus_split_082.html