Book Read Free

Infinite Exposure

Page 14

by Roland Hughes


  Their eyes met and broadcast want to each other. “My place,” mouthed Margret. “Half hour,” mouthed Carol. Margret quickly wrote down her address on a yellow sticky and included her cell phone number. Nothing was said when the sticky exchanged hands. It even looked business like when Carol stuck it on the front of the pages in her hands. Nobody questioned it or suspected anything. She returned to her desk, completed filing the copies and put the original in a document mailer for the archive service. With the yellow sticky tucked into her suit coat pocket she logged out and told everyone she was going home.

  ***

  Hans sat in the man with the suit's office watching the news with him. True to form, once the first story came out, the rest of the talking heads all sent people over to report on it. Pakistani intelligence had apparently started feeding their contacts at CNN now. The arrest report they had planted in the files found its way into their hands. They had Nedim's name now. It was a slow news week, so he was now a celebrity. Too high profile to kill off now. Hopefully al-Qaeda would take care of the task. In a few days, Pakistani intelligence would announce Nedim had been released due to lack of evidence.

  True, there would still be a tap on the phone line Nedim used for his computer. They also had a mailbox copy utility installed on his known email accounts and they had their own little remote system monitor software installed on his machine. But the daily reports from his roommates would stop. Both of them had been told not to talk with Nedim again.

  Briefly, Hans wondered what would happen when Nedim's shadow quit showing up at the mosque for the Holy Quran discussions. Even if the news hadn't spilled his information all over the world, that would tell al-Qaeda they had a mole.

  In a couple of hours a plane would touch down. Both Hans and the man in the suit would supervise the loading of prisoners onto the plane. There would be no paperwork, simply a count. Four men and two women. As Hans had feared, the courier train eventually ditched the bag and they lost the trail in the mountains. Quite a few military units had been sent out to the area where the trail was lost to see if they could find a cave with al-Qaeda members in it, but Hans had little hope they would hear back. Given all of the publicity around this guy, there would simply be an air strike against the cave if it was found. This story was about to be completely tied off.

  Both women appeared to be relatively young to Hans. Nikolaus should be able to get the rest of the camp up and running. Personally he had no opinion on stem-cell research. As long as it made enough money to let the party bribe officials who weren't completely on board, he was for it. Once enough funding was in place, the larger scale round ups would begin. There was still a cell operating around Hamburg and a few other cells officials knew about in Germany. The police hadn't managed to get enough evidence for a conviction, but the party didn't need that much evidence.

  Finally, Hans asked a question that had been nagging at him. “Are we going to close up this shop?”

  “At least for a while it seems,” replied the man in the suit. “I will keep track of where the team gets dispersed. Who knows when we will turn up another communications hub to monitor. We hope one of the cells we are currently rounding up will have used more than one communications hub, but that is just a hope for now.”

  Thanks to this operation they had 27 different cells under surveillance. Five of the cells had already been rounded up by various agencies. Few members went to the interrogation camp. Once the courier mules had been processed through there, the remaining 22 cells were going to be rounded up one at a time and squeezed for information. They would most likely provide little in the way of useful information, but their cell phones and computers just might turn up a new communications hub. It was a gamble. They couldn't round up many of the cells at once because there weren't enough interrogators at the first camp to handle 20+ people.

  Both men knew the Brit would be utterly pissed they weren't rounding up the Lutton cell first. Obviously they were up to something big. The team on the ground didn't appear to be worth a rat's ass at surveillance. They had to have held some meetings by now. Still, they only identified the few people sending email and no other members. A round up now would simply cause the cell to go deeper under cover. Nobody could risk that. The cell had to remain on monitor status until either more of the members could be located or the explosives turned up.

  ***

  John was at his wit's end. Despite all of his efforts and messages, UNI (Union Network International) was making progress gathering members. It would not be long now before there was a vote about the union in his own shop.

  There were only three data centers left to re-locate here! Didn't they understand there would be more money in their hands from the electronic transfer than a union could ever give them? No, they couldn't. Only John and three others knew about the plan here. A few cell leaders who John handled the email for knew, but that was it. Even John's new roommate didn't know.

  John's new roommate was a fast learner. He picked up the basics of how the email operation worked in just a couple of days. When John got home now, the vast majority of messages had already been dealt with. He left links and print outs for his roommate to read on how to hide your IP address on-line, viruses, virus scanners, and a rash of other things that allowed you to remain a ghost on-line.

  They were going to have to bring in another machine so the roommate could set it up and get his own communications hub running. The leaders were more than willing to purchase another notebook. In fact, they said they were going to purchase two. The second one would be for yet another roommate John was to train. At first John was upset about this, but then he realized he would have at least another quarter (probably three) before the data center migrations were complete and his plan could take effect.

  “If only we didn't have this union problem!” he said aloud, slamming his fist down on his desk at work.

  “I know what you mean,” responded John's boss.

  The sound brought John back to his current reality in less than a heartbeat. It was unlike him to drift off and let things slip like that. Perhaps this operation was a bit too much for him. He was used to being a ghost who handled communications, not a covert operative.

  “What is being done about it?” asked John.

  “Next to nothing can be done at this point,” responded his boss. “They are recruiting people from locations other than here. We have installed security cameras, hired extra security, and watched. Other than the occasional pamphlet found on someone's desk, there is no organizing activity going on here. Once they have more than 70% of our people signed up, they will bring in lawyers and force us to allow a vote.”

  John barely heard anything after “more security.” This is exactly what he wanted to stop from happening. He didn't want to kill his own people just to carry out this attack. He made a mental note to get access to the security tapes and assign one of his team members to pull all of them on the way out the door. He wasn't certain how they were going to handle the guard in the security room yet. Perhaps he was already working for al-Qaeda and could simply be added to the team.

  ***

  No matter what culture you come from, what language you speak or what religion you follow; there are some universal truths. At this particular moment Vladimir experienced one of those truths. He jumped so hard when the phone rang he knocked over three empty soda cans and a glass of iced tea. Cursing, he answered the phone.

  “I'm not used to hearing that as a customary greeting,” said the man in the suit.

  “Sorry. The phone gave me a start and I spilled a glass of iced tea. What can I do for you?”

  “We need you to modify your Trojan horse to pull in every sent email from every email client it lands on. Need them to all be sent to the ping server for analysis.”

  “It will be difficult since many access email via a browser in a library rather than an email client. What is your objective?”

  “Have you seen the news lately?”

  “Yes.”


  “Our primary asset has been exposed to the world. We need to snag a new communications center while they are still in chaos.”

  The Trojan horse had been written very small and simple so it could work across a wide range of computes and operating systems. When it detected that the user had opened the email via a Web browser, it obtained as much information as it could about the machine and passed it onto the ping server. Depending on which Webmail back end was being used, the Trojan could also attach itself to any messages sent during that session. Each time an instance was created and attached to an outgoing message, it was given a unique ID number based upon the ID number of the parent creating the new instance. The ID number came back in the packet of information to the ping server.

  It was via these IDs and the IP addresses that Vladimir was able to map the groups. Eventually they managed to obtain location information for each of the IP addresses (those who weren't really good at ghosting anyway) and he plotted them on an interactive map. Clicking on one of the dots would bring up the date(s) of ping and email messages that had been part of the ping. They didn't always have the email message, but they had most of them. Sometimes they got the message from only one side, and sometimes they got it from both.

  You could click a button on the Web page and ask the page to show you date and time ordered message routing. This was a really cool feature. Of course, when they didn't have location information it had to simply pick a location at random and plunk a different colored dot down, but it allowed you to track the communications flow.

  Only a few people on the team knew about this page on their internal Web site. Even fewer were authorized to look at it. As always, Vladimir analyzed every piece of information he could find in every way he could think of. Information had always been his friend.

  When Vladimir first started putting this database and visualization tool together, he was doing it out of a simple desire to know. Since he was supposed to be storing copies of the data he collected on this “team” server, he created a Web page on it to communicate with the man in the suit. It was far easier to send him an email and tell him to click here, double click there, and watch the screen, than it was to try and explain his analysis.

  Lately there had been a significant increase in ghosted IP addresses in the middle of message paths. Quite a few of these paths came from IP addresses that formerly communicated via Nedim. Being in a wheelchair gave Vladimir a lot of time to analyze this data. It looked like someone was training new communications hubs. One link in the chain defied all attempts to punch a hole through to it.

  The other ghosted IP addresses weren't ghosted so well. Vladimir managed to send them a special virus with the information he obtained from the ping server. He used a standard spam email offering Viagra without a prescription, but with a subject line that was sure to make them open the email. Once the virus was there, it started sending Vladimir email with information about the activity of the machine. He was able to fully penetrate two notebook computers this way. He even knew the model, brand, and serial number of the notebook thanks to them running a totally insecure OS known as Windows.

  If you send an email out correctly on the Internet, it will contain the full path in the message header. Most end users never see this information because their email client or Web page interface has the display of it turned off by default. Each hop an email message makes along the way will add information to the message header with respect to the IP address, name of the server and name of the organization hosting the email server. The emails coming to Vladimir from this special virus contained a full path back. He paid close attention when the first path he uncovered changed and he discovered a new machine using the old path.

  That single piece of information told Vladimir he knew where the next email hubs would be. As long as they didn't get wise to his virus he would be able to identify their location. When the DNS and gateway addresses came back the same for the second machine, Vladimir was positive al-Qaeda was training new communications hubs. Perhaps they had suspected what was going on with Nedim or maybe they just decided to spread the traffic out. The reason behind it didn't matter. What mattered is they were training beginners when it came to ghosting. Vladimir would bet half his life savings the person doing the training was the same person whose machine had been completely impenetrable.

  “Would you settle for three communications centers and no modifications to the existing Trojan?” Vladimir asked the man in the suit.

  There was a pause in the conversation, then came the response, “You have not filed any reports about these.”

  “You never read my reports or look at the Web page I set up on your internal server. If you did, you would already know the general location of each,” Vladimir responded.

  The man in the suit did not respond immediately. He had read some of Vladimir's reports and thought the man to be crazy. The Web page had been interesting, but he hadn't visited it much since he was originally shown how to use it.

  “So, where will we be setting up operations next?”

  “India.”

  “Something a little more specific would be nice,” the man in the suit wise assed back to him.

  “Do you want the senior communications person or the two he has recently trained? I would recommend you latch onto the first one he trained rather than taking out the trainer, but it is your call. The second one hasn't completed training yet.”

  “How do you know this?

  “He is still operating from the location of the trainer. If he completes training as fast as the other he will be setting up his own communications center inside of two weeks.”

  “Will you know where they set up operations?”

  “I already own the machine.”

  “Why do you suggest we leave the trainer alone?”

  “Odds are small that is the last communications hub they have. If the new trainee stays there long enough, I should be able to get the real IP address of his machine and his primary email account. Once I have that, I can own his machine as well. We got this one by pure accident. If you take it down now, they probably won't make the same mistake of doing a mad scramble to another hub. It will be a lot harder to crack this chestnut if they start going point to point. Trapping and turning each person this one trains will let you play the network out. If this one is starting to do training, they are probably trying to get out of the task themselves or al-Qaeda is trying to set up a grid. We won't know until we have more of the communications hubs.”

  “Grid?”

  “It's a geek term. Neither Windows nor any flavor of Unix actually clusters. The marketing people and some big vendors all throw around the word cluster when they are describing capabilities, but they are committing fraud when they do such. You cannot actually cluster unless your operating system provides for a common user authorization file and a distributed lock manager to support a distributed transaction manager. The best you can get with either OS or their derivatives is a grid. Autonomous machines network together and agree to let other machines in the network use some of their resources.”

  “What good would that be?”

  “An email grid can be set up to use encrypted email addresses. All you need to do is to put up N email servers on the Internet and either have them assigned fixed IP addresses you send out with your teams, or actually register them in the global DNS. When email comes in for one of the special email accounts, determined by pattern in the name, it runs a decryption utility on the corresponding encrypted address and routes it there. The encrypted address lists can be changed on a per message or manual basis.”

  “You are making no sense.”

  “Think of it this way. I register a domain called MyServer.com. I also register the email servers MyPop3Server.com and MySMTPServer.com. When you send email to an account on this server or through this server, it checks the destination email address for a naming pattern. That name corresponds to an entry number in a list which has today's real destination address. The email
address is automatically changed. All the sender knows is they sent to xxx1234@MyServer.com. Email could come in from any email system on the Internet. When it gets to the email servers on MyServer.com, they will translate the destination and route the message appropriately, removing all header information and without creating a log.”

  “What advantage does that have over what they are doing now?”

  “You can set up a domain for under $100. If you have the correct kind of Internet provider, you can set up your domain behind a dynamically assigned IP address. You will get a new IP address each time your cable modem or satellite box resets. The DNS registry will update within a matter of minutes to reflect the new IP address. All you have to have is the domain registration. There is no hand routing of messages. One person living anywhere in the world could have the Admin account to log into your server and change the email address routing. If they strip out all header and trailer information before sending it on, they will strip out any chance anyone has of tracking the thing. There will be nobody to turn because you will never be able to trace back and find out who is logging in, especially if the domain is set up for dynamic rather than static IP. They could boot different machines at different times of the day.”

  The conversation had gone well beyond the technical capabilities of the man in the suit. He did understand the gist of it though. If al-Qaeda had thought to set up their own domains the email servers could change location hourly and they would be all but impossible to track down.

  “How easy is this to do?”

  “I've done it three times for various clients already.”

  “We certainly don't want to give them any incentive to make spying on them more difficult. Email me all of the location information you have. We will attempt to squeeze the first one who has been trained, then set up operations on each one to follow. We will put some surveillance on the trainer to ensure they aren't going to try disappearing. It may be something as simple as the trainer having too much work or they are trying to spread the communications out so we can't nab as many at once. It may also be that the trainer is now a living martyr and we have to stop an explosion.”

 

‹ Prev