Book Read Free

Invasion of Privacy: A Deep Web Thriller #1 (Deep Web Thriller Series)

Page 38

by Ian Sutherland


  “What’s the problem, sir?”

  “I told you, it’s frozen! There’s a strange message on the screen. Damned if I know what it means.”

  “What does it say, sir?”

  “I’ve taken a photo of it with my phone. Let me email it over to you. What’s your email address, son?”

  Cortez told him and waited for the email to arrive. He was pretty good at fixing webcam issues for customers over the phone, after all that’s what he’d been trained to do, but when it came to general computer issues, he was probably no better than the next guy. He hoped it was something obvious.

  “You got it yet, son?”

  “No, I — there it is.” Cortez quickly opened the email. There was no text, just an attached JPG. He double-clicked the picture file. It took a few seconds more than normal, but then finally displayed an image. In the picture, Cortez could see a laptop screen, but it was hard to make out the details. He tried enlarging it, but the picture’s focus was off. He couldn’t make out any details. He felt beads of sweat forming on his forehead. His hand shook as he moved the mouse.

  “Uh, Mr Toomey. Would it be possible to take the picture again? The one you sent is —“

  “Well that was quick! You’re a miracle worker; it’s started working now. Thanks, son. What was your name again?”

  Cortez hadn’t done a thing, but if Toomey wanted to infer that he had, that was okay with him. “Cortez, sir. Manuel Cortez.”

  “Well Manuel Cortez, you’re an absolute credit to the company. While I’m at the board meeting tomorrow, I’m going to put you forward for a special bonus. Thanks, son.”

  The line clicked dead.

  Cortez removed the headset and leaned right back in his chair, taking deep breaths to calm himself down. After a few minutes, he started to think more clearly.

  A bonus? He couldn’t believe it. He wondered how much it would be. Perhaps it would be enough to fund Daniela’s next semester. What luck.

  He decided he deserved a coffee break. Using his security pass, he let himself out of the control room and wandered down the corridor to the staff kitchen, whistling to himself. At the vending machine, he purchased a sweet black coffee. After a moment’s hesitation, he treated himself to a Hershey bar.

  He seated himself at the one of the many tables and slowly savoured the coffee and chocolate, absently staring through the large window across the lake at the other glass fronted office blocks, each one proudly displaying the logo of a well-known IT company. He wondered how many of them had twenty-four-hour help desks. Maybe one day he might move on from HomeWebCam; join a company with a larger help-desk; one with a night shift of more than one lonely soul.

  He felt his eyelids droop again and quickly pulled himself together. It was time to return to the control centre.

  Glancing at the main display screen, Cortez froze. It was no longer all green. In fact, the network traffic lights were all flashing red.

  He ran to his computer, wondering what the hell was going on.

  Just as he fired up the network monitoring application, his phone rang.

  “Yes?” He was so panicked that he forgot his personalised introduction, never mind the one on the script. He was about to add some clarification when a voice spoke.

  “Is that the HomeWebCam service desk?” The voice was demanding but rushed.

  “Uh yes, who’s this?”

  “This is Mike Baker. I’m the Service Desk Manager over at Agincourt, here in Boston. Who’s this?”

  Cortez knew Agincourt was HomeWebCam’s parent company, but he’d never talked to anyone from there before.

  “This is Manuel Cortez.”

  “Manuel, are you seeing any network problems?”

  “Uh, yes. I was just starting to diagnose what’s going on.” It was only a slight fib.

  “Damn.” Then the phone was muffled as Baker spoke to someone else, presumably putting his hand over the microphone. But Cortez could still make out what Baker was saying. “HWC’s being attacked, as well. They’re every-fucking-where.” And then the muffling was gone and Baker was talking to him again. “Manuel, let me explain. We’ve got to move double-quick. The whole of Agincourt is under a coordinated DDOS cyberattack. I’ve just had Homeland Security on the phone. It’s some kind of Al Qaeda hacking cell pissed off with us for our security work in Afghanistan supporting the Army. How are your firewalls holding up?”

  Cortez clicked into his network map. Both firewalls were red, but nothing on the inside of the network was compromised. At least, not yet. The firewalls were doing their job. Beads of sweat appeared on his forehead again, and he felt faint. Too much sugar in the coffee and chocolate.

  “Yeah, I think the firewalls are handling it okay.”

  “That’s good. We’ve had breaches over here. Our website’s down. Our CRM system is down. Our ERP system is down. We’re in bad shape. Are you sure your firewalls are okay? How can you tell?”

  “I’m looking at the network monitor. They’re red, but they’re still up.”

  “You can’t rely on that, Manuel. That’s just SNMP traps; they’re never going to give you the full story. I need you to log into the firewalls manually and check the logs.”

  Cortez did as he was told. He hadn’t been anywhere near the firewalls for months, but he vaguely remembered how to do it. After a couple of missteps, which he quietly kept to himself, he was in. The administrator password was the same as the other systems he was more used to managing.

  He scanned the logs. There were thousands of alerts.

  “They’re okay. They’re handling it okay. They’ve recognised it’s an attack and are blocking it okay.” Cortez couldn’t help but keep the pride out of his voice. Perhaps HomeWebCam’s systems were stronger than those of its parent company. “We’re using an intrusion deception system combined with deep packet inspection firewalls, what about you?”

  “Nah, nothing so glamorous here. I’ve been saying for ages that we need to upgrade our defences with DPI and IPS. I bet they’ll fucking listen now.” And then Baker’s voice was muffled again as he talked to someone else. “What do you mean, stopped? Show me?” There was a long pause.

  And then in front of Cortez’s eyes, the network monitor icons turned from red to amber and then to green. Even the main display returned to green.

  Baker was back. “The attack seems to have stopped over here. What about you, Manuel?”

  “Yeah, it’s stopped.” Cortez was smiling from ear to ear, pleased as punch that his defences had held up better than Agincourt’s. After getting the credit from Toomey a few minutes earlier, the last thing he needed was to have to phone around saying all their systems were compromised. Where would his bonus be then?

  “Well, you’re lucky Manuel. Listen, we’ve got a load of clean-up and recovery work ahead of us. I’ll leave you to it. But when we come up for air, I’ll give you another ring. Looks like we need to get hold of whatever firewalls you’ve got. Good work.”

  The line clicked dead.

  Cortez leaned back in his chair again and allowed his body to calm down. What a strange night. But he’d survived his fiery CEO and a terrorist attack. Not a bad night’s work, even if he did say so himself.

  And no damage done. Now that really was impressive.

  He allowed his thoughts to return to the bonus that Toomey had mentioned. Maybe he’d also be able to buy Daniella that professional low-drag racing swimsuit. She’d be even faster.

  In the meantime, he decided to treat himself to another Hershey Bar. The sugar would help him stay awake.

  * * *

  Brody almost felt sorry for Manuel Cortez. He’d been far too easy to dupe. Just like every help-desk support engineer in the industry, he so wanted to help.

  After a brief search, Brody had found a couple of video interviews of Toomey on the Internet from around the time he’d sold his company to Agincourt. He had a deep Texan drawl that reminded Brody of John Wayne. During the call, Brody, wearing his wireless headpho
ne mic, had stood up, hunched his shoulders and compressed his neck to make it easier to channel the American icon’s distinctive voice as the basis for his impersonation of Toomey. Despite feeling foolish, especially when Brody caught himself pacing the room with Wayne’s off-balance swagger, it had gone well.

  Cortez had immediately dropped all protocols when he’d heard his CEO’s voice. The story about a frozen computer was a good one, especially the idea of taking a photo of it; Brody would use that again. It was believable enough, especially these days with everyone having camera-phones. But its real purpose was to disarm Cortez into opening an attachment in an email, something he was trained not to do.

  It had been safe to assume that Cortez would be familiar with email phishing. The scam involved mass fake emails pretending to be from a trusted source and designed to trick people into doing something foolhardy; either opening an attached file, which would install a deadly payload on their computer, or visiting a fake website masquerading as a legitimate one, but that ultimately persuaded victims into divulging personal details, enabling the phisher to steal entire identities. The crime’s close cousin, spear-phishing, involved carefully targeted singular emails using readily available online information.

  Brody had only one chance with the HomeWebCam help desk and he didn’t have the time necessary to craft a legitimate-looking email, which Cortez may well have spotted and deleted.

  Instead, Brody decided to combine spear-phishing with his favourite social engineering technique of ‘hacking the human’. The phone call from ‘Toomey’ had predisposed Cortez to receiving the email and not looking too closely at its headers. Brody had gone for simplicity and speed, and had only changed the display name and reply address to match Ken Toomey’s. However, the actual address he’d sent it from had nothing to do with Toomey. Fortunately, Cortez hadn’t noticed in his fervent desire to help his CEO and keep his job.

  And then there was the attachment. Again, because of the phone call, Cortez was all set up to believe it was a real JPG. But in reality it was a malware program. When Cortez had double-clicked what he thought was a picture file, it had installed its payload, the freely available remote access tool, Poison Ivy, customised to Brody’s specifications. Once installed, it had ‘called home’ over the Internet. In this case, ‘home’ was one of Brody’s untraceable proxies acting as a command and control server, to which Brody had also connected into anonymously.

  The last step of the malware’s installation was to open the computer’s standard image viewer and display the photo Brody had embedded within the installation of Poison Ivy. When Cortez had seen exactly what he’d expected to see after double-clicking, a photo of someone else’s computer screen, he’d had no idea that he’d unwittingly installed malware. Brody had deliberately blurred the picture he’d snapped of one of his own laptops, not wanting to leave any clues. Once the Poison Ivy payload had successfully been installed and called home, Brody had rapidly brought the phone call to an end.

  Brody was particularly proud of the second phase of the hack.

  With Poison Ivy installed, Brody now had full, remote access to Cortez’s computer. But he still did not know the correct credentials to gain access to the firewalls. So, Brody had done something he’d never done before: he’d used his private botnet of servers hidden all over the world to launch a distributed denial of service attack against HomeWebCam. He was definitely straying into black hat territory doing this, which was disconcerting. But he’d deliberately constrained it to be noticeable rather than damaging. A real DDOS attack was designed to overload a network, overpowering the servers completely, so much so that they’d crash. Brody had only wanted to set off the alarms.

  Coupling the DDOS attack with another fake phone call, this time from ‘Mike Baker’, the Service Desk Manager from Agincourt – at least according to LinkedIn – had been risky but necessary. Brody had gambled that Cortez had not met or talked with Baker previously. He’d noticed that they weren’t connected to each other on LinkedIn. Convincing Cortez that Agincourt was also under attack, he’d been able to talk the engineer into logging into the firewalls. In the background, Poison Ivy’s keystroke-logging feature recorded the account names and passwords that Cortez had used to gain administrator access.

  And now Brody had all the access he needed.

  Via Poison Ivy, Brody ran a series of background commands on Cortez’s computer and connected to each firewall in turn. He spent time browsing the logs, analysing the flow of data in and out of HomeWebCam. He was searching for any reference to SWY or any of its native IP addresses.

  After some time, Brody concluded that the webcam feeds were not actually flowing in from the network video recorders in every webcam location around the world managed by HomeWebCam, which had been his initial working premise. As this finally became clear, Brody bashed his forehead with the heel of his hand, berating himself because he should have worked this out without hacking into HomeWebCam; breaking God knows how many laws in the process. With the benefit of hindsight, he now realised he could have analysed the outbound network traffic passing through the router at Derek Saxton’s house — after all, he had full access. Yesterday, he’d even traced the traffic on the Saxtons’ home network, but because he’d been so focused on looking for packets going to SWY, he hadn’t considered what did or didn’t flow through to HomeWebCam. Had he looked more broadly, the Saxton network traces would have shown him that the webcam feeds only left the Saxton local network for HWC whenever Derek or Hilary were logged into HomeWebCam, viewing the video footage. It was a classic case of his assumptions getting in the way of the data.

  Sometimes he was such a fool.

  It did make him wonder about the purpose of HomeWebCam. After all, it was technically possible to connect to network video recorder PCs directly. After some head-scratching and further research, Brody concluded that the site’s function was to centralise and simplify the way its customers gained remote access to the network video recorders located in their own homes and offices. Without the full HomeWebCam service, their customers would be required to figure out how to reconfigure their routers to remotely access their network video recorders from the Internet as well as set up the security on them. HomeWebCam did all this for them and provided a full twenty-four-hour help desk.

  Moreover, Brody realised, there was the recurring revenue. Rather than just make a one-time sale of webcams and a network video recorder, HomeWebCam was able to charge monthly for its on-going service, a far more profitable arrangement.

  But all this clarity left Brody completely stumped. Dwight Chambers had been right: SWY wasn’t gaining access to the video feeds through HomeWebCam. And he knew from his work yesterday that SWY was not connecting directly into the network video recorder PC in the Saxton house.

  How the hell was SWY gaining access to the video feeds?

  He buried his face in his hands. It made no sense. Crooner42 had thought of everything. Brody only had twenty-four hours left. At this rate, he would never pwn SecretlyWatchingYou.com by tomorrow.

  And then, inevitably, as if his day couldn’t get any worse, Brody heard the key turn in the front door of his flat. The door opened and Leroy ambled in.

  “Hello, darling,” he greeted cheerfully.

  “Fuck off Leroy. I’m not in the mood.”

  CHAPTER 17

  DC Fiona Jones pressed the button on the empty reception desk and waited. Presumably somewhere behind the secured inner doors a bell had gone off, announcing their presence.

  Jenny had parked her car in the only visitor space outside the single storey, converted factory building. It was one of many similar buildings in the Slough Trading Estate; a sprawling industrial business park situated just west of London, built around its own power station – two mammoth brick chimneys visible for miles around. The only indication they’d chosen the right building was a small plaque just outside the front doors announcing the company’s name, McCarthy Security Ltd.

  Jenny studied the ba
re reception area. There was a complete absence of marketing; nothing to verify the sign outside was still valid. There were just two posters, both framed, one on fire alarm procedures and the other on health and safety laws. Three uncomfortable looking oval chairs were lined up against the back wall, under a television showing a muted BBC News channel. On the plain wooden reception desk sat a signing-in book. Jenny flicked through its blank sheets and commented, “I don’t think they get many visitors.”

  “You’d think there’d be some CCTV cameras, given what they do,” said Fiona.

  “Maybe there’s a load of secret cameras watching us right now,” suggested Jenny, suddenly self-conscious.

  “Where?” asked Fiona, lifting the picture frames containing the posters and bending down to look underneath. “There’s nothing here.”

  Jenny recalled the Saxtons’ kitchen. “I bet that smoke alarm on the ceiling is one.”

  “That’s clever. Okay then, what about the exit sign above the front door?”

  Jenny turned to look up at the illuminated sign. “Probably.”

  At the swoosh of the inner door opening behind them, both officers turned around.

  “Just the two?” said a hugely overweight man, a smile on his face. He gave the two women a lascivious onceover, his smile broadening in appreciation.

  “You were expecting more than two of us?” demanded Jenny, bristling at his blatant leer.

  “No. I mean the number of secret cameras monitoring this area. You’ve only spotted two of them.”

  “How many are there then?” asked Fiona looking around.

  “Plenty, including that one hidden in the carpet tile pointed up your skirt.”

  Fiona jumped backwards with a screech.

  The man leaned back and guffawed loudly, his enormous belly rippling in rhythm with his laughter. “Hah, just joking. But you should have seen your face. From that reaction, I’m guessing you’re not wearing any knickers. If only I’d known, I would have put a camera there.”

 

‹ Prev