Arctic Gambit
Page 16
“I am indeed, sir,” Mathias answered. “Let me just roll it into one lump. Cyber attacks are up, nothing that’s done serious damage, but there have been intrusions at financial institutions, infrastructure nodes like power stations and airports, Fortune 500 businesses, and in spite of their higher security, at military bases and command centers. The Russians deny it, of course.”
Nodding toward the senior CIA rep, he reported, “I can confirm that the death of the Estonian defense minister last week was not a home robbery. Their interior minister had labeled it ‘suspicious’ from the start, and they’ve now told us that his office at home was searched very professionally. There were sensitive documents in a safe, which was opened.
“It’s possible that other incidents, especially in the Baltics, Georgia, and Ukraine, may be due to increased Russian espionage activity. Even if they’re not directly related to the military, they can be disruptive and distracting.”
“Or they may be reconnaissance runs,” the CIA rep interrupted. “I’ve got the counterintelligence section looking at things we don’t usually track—industrial accidents and local crime rates.”
Mathias put up a map of Europe and Russia. The border was dotted with red stars. “There are a large number of exercise-related scenarios planned for that same late-August timeframe. Again, that isn’t unusual, but the folks with the experience in our shop say the level of activity is way up. This sudden exercise is considerably larger than the Center-2015 exercise, which was planned well in advance. They’re also exercising right along the border with the Baltic States, Georgia, and Ukraine, which we’ve interpreted as Fedorin sending a message to his neighbors. And we’ve just discussed the Russians’ cash situation. Running a lot of troops around in the field isn’t cheap.”
He summarized, “We’re all familiar with the idea of using a military exercise to cover preparations for a real operation. It’s been done before. But military operations across the border into NATO countries would trigger a general war, and if you think exercises are hard on a country’s treasury, the cost and waste of a major conventional conflict in Europe would shatter the Russians’ piggy bank. And Leo, why don’t you tell them about the mobilization status?”
Odom nodded and explained, “I passed this to Harry last night. It’s negative information really, but as far as we can tell, while the Russians are increasing the readiness of their first-line units, they have not mobilized any of their reserve units. The Russian army’s pretty big, but if they were planning on taking on NATO, I believe they’d want at least some of their reserve units stood up, at least to provide garrison and rear security.”
“Maybe they can’t afford to,” the CIA accountant suggested.
“That’s possible, but whatever the reason, they don’t have the forces to fight a general conflict with NATO,” Odom replied.
“That ties in with the late summer date I mentioned earlier,” Mathias added. “There’s decent weather in August and early September, but it’s not the ideal time to begin a military campaign. Putting it all together, they don’t have enough troops, enough money, or enough time for a big theater-wide operation.”
He turned to the last page. “Finally, there’s the elephant in the room—Bolshevik Island.” Heads nodded around the room. Everyone present had been briefed into the Tensor compartment, and was aware of the facility’s weapons and completion deadline.
Peakes announced, “I think the Russian armed forces are moving to a timetable that is directly linked to the Dragon torpedo complex. Whenever the facility is completed, they will be ready to act. Does anyone disagree?”
The room went strangely quiet. When nobody spoke, Peakes added, “Please, somebody disagree with me. We need to find alternate scenarios that don’t involve NATO and the Russians shooting at each other, even though the evidence suggests that’s where we’re headed.”
Mathias, still at the podium, raised his hands and shrugged. “Sorry, boss, but the data indicates there is a linkage.”
“Then, how about indications and warnings?” Peakes demanded. “How can we know which way they’re jumping?”
“Fedorin can walk away from this at any time,” argued Odom. “We have to watch for signs that he is not walking away, that he’s committed. It would be nice to know what he’s committing to,” he mused.
“If the Bolshevik Island base is driving their timeline, we need to know when it will be operational,” offered the CIA representative.
“We’d have to get something or someone not just inside the program, but right up to the base and have a look,” Peakes replied.
“A submarine with a robust UUV capability is the best option,” Odom suggested. “But it means entering Russian territorial waters…”
“And looking over their shoulder while they’re working,” Peaks responded sharply. “I don’t think that’s an option. We’ve already lost one submarine up there. If there wasn’t so much activity around the site, we could possibly argue to the president that the threat is worth the risk, but of course, once the activity stops, they’ll be done.”
“And ready to move,” Odom agreed.
20 July 2021
0900 Local Time
National Cyberdefense Center
Berlin, Federal Republic of Germany
* * *
Dieter Hoffmann might have been born in the twentieth century, but he was a true child of the twenty-first. He’d been too young to remember the beginning of the millennium, and had grown up surrounded by personal electronics. To him, it was natural and essential that digital devices augmented his life.
His degrees were in mathematics and music, but he’d starved as a musician. He’d applied to the government because his family wanted him earning a steady income. Thankfully, the civil service exam didn’t require the dreaded “prior experience.” The Bundesnachrichtendienst, or BND, Germany’s Federal Intelligence Service, was interested in his test scores, and the interviewer was intrigued by his extensive collection of pirated music. He’d admitted to the fact reluctantly, but the interviewer seemed genuinely interested, and promised that he was not in trouble.
Being broke, he’d found programs and learned techniques to get free music. Hoffmann had become quite skilled in searching out music he wanted while avoiding the many websites that used music as a lure to spread viruses and other malware. Hoffmann saw his interviewer taking notes, and thought that she was also a music enthusiast. Instead of offering him a job with maintenance or their records office, the BND asked him to go to war.
At the National Cyberdefense Center, he became not only one of their best analysts; he was promoted to supervisor with three other specialists working under his direction. He laughed whenever he thought of his grandfather, a solid German office worker, as ordinary as a signpost, and his grandson Dieter, piercings and tattoos, both working for the German civil service.
He loved the work. Nobody liked the criminals who stole credit card files and hacked hospital records, holding them for ransom. Finding them, identifying them, and then taking countermeasures to defeat or expose them gave Dieter great satisfaction. Often they were foreigners, Russian or Chinese, but occasionally they’d be German, or in a European country where the police could actually arrest them. It didn’t happen often, but when it did, that was a very good day.
One of the reasons Dieter had been promoted to a supervisory position was his idea. Instead of simply reacting to news of an intrusion, the center should be actively searching for them. But with the entire Internet to hide in, where would you look?
Hoffmann remembered his collection of free music. Hunters don’t search the forest for game. They set up blinds near places the animals frequent, or they put out lures.
Under Hoffmann’s direction, the center created websites for fictitious companies or newly formed organizations. The websites were fully implemented, listing staff, with links to other pages that described operations and commercial activities. He liked to include touches like photographs of employees
being promoted, or a ribbon cutting at a new facility.
His first attempt, flown solo, had been for an imaginary investment company. It boasted a long list of proven brokers and an equally long list of clients who had moved to that firm, bringing fat portfolios. It had taken almost a week to set up, then two more weeks to fix and polish after a real investment broker was asked to review it.
Within minutes of going live, applications monitoring the site registered the first intrusion. While their false front was equipped with the standard commercial-grade safeguards, a few ports had been left invitingly open, and cyber-criminals were quick to exploit them. While the crooks downloaded false data and installed their malware in code that led nowhere, the center’s own programs traced their origins and isolated the viruses for further study.
Another benefit was that the intruders often sold the data they’d collected to brokers for all types of criminal activities, like fraud or identity theft. In this case, though, the data would hurt no one and, since it was known and unique, could be used to trace the hackers’ connections, like marked banknotes.
It had been a heady eleven hours and thirteen minutes, with at least four and possibly six different intrusions recorded. The seventh wasn’t interested in financial data, but simply trashed the website. Hoffmann mourned its loss, but his supervisor, Johann Klemmer, was satisfied. “If the website had withstood the attack, then the attackers might have become suspicious.” Hoffmann could only think of all his work creating the website, now lost.
That had been almost a year ago. They’d become much better and quicker at creating websites. The team’s latest effort was a midsized petroleum distribution firm. Not only was it modeled after a real company’s website, but Dieter’s team had concocted routines that would generate false reports showing equally false petroleum products being moved from ports to refineries to customers.
“Dieter.” A call from one of his “minionen,” as they’d chosen to call themselves, pulled his attention away from the IP database he was updating. Greta, the youngest of the three, and notable for her lack of piercings and/or tattoos, reported, “It’s the Russian Moskito virus again.”
“Really.” It wasn’t a question so much as an expression of his amazement. “That didn’t take long.” Most viruses got by with a string of letters and numbers that described when it had been detected, its type, etc. Ones that appeared repeatedly were usually given code names. Dieter’s team had chosen insects as their theme.
The Moskito virus was relatively new, discovered just over a week ago. It was subtle, and didn’t appear to do anything, but slipped in disguised as a regular transaction. Once inside, it buried itself in the system and did nothing, as far as anyone could tell. The team had discovered it because the transaction information was all generated by Dieter’s team, so the spurious input was flagged immediately.
Knowing what to look for, cyber center analysts had discovered the virus in six other real-world computer systems. Since it apparently did nothing, they had not removed it yet, but that’s when it had been named.
The first intrusion had been on the team’s previous false site, which mimicked a news operation. It was still running, with the virus inside, but since it was infected, it could not be considered safe, and a new fake website, a petroleum company named “Anders Oil,” had been brought online. It had been live less than twenty-four hours before also being infected.
“Should I purge it?” she asked.
“Let me report first,” he replied. Johann was still his boss, although he’d also been promoted, thanks to Hoffmann’s success.
“That’s very interesting,” Klemmer answered when he heard the news. “I’ve ordered Hans’s team to work on Moskito exclusively until we understand its purpose. We’ve found it on another eight websites.”
“All of which were chosen to be attacked,” stated Hoffmann confidently. “They have to create data that will mimic each site’s actual traffic. Has anyone discerned a pattern yet?”
“No, but the information’s moving up the chain quickly. The BND is sharing the data with counterintelligence, and we’re contacting other countries to see if they’ve seen similar intrusions.”
“And if they have?” Hoffmann asked.
“Then it is an even bigger problem—or potential problem,” Klemmer corrected himself. “It has to be a state actor. Criminal organizations don’t produce code this sophisticated, and with no purpose? It almost screams long-range planning.”
“So, I should coordinate with Hans’s team?” Hoffmann asked.
“Yes. They’re the best at forensic work. You work at creating sites that might attract these fieslingen. We’re not even sure we’ve located all of the viruses on the first system that was infiltrated. It turns out the thing breaks itself up into several pieces before deleting the original copy. We have made one breakthrough, though.” Klemmer paused dramatically.
“What?” Hoffmann demanded. “Did they find out what it’s supposed to do?”
“No, not yet,” his boss explained. “But it turns out that it does interact with the host system in one place.” He smiled. “It’s connected to the real-time clock.”
“A timer,” Hoffmann realized.
“Most likely. We won’t know the date until Hans’s team has done more work, but until they do, I’m supposed to brief the interior minister twice a day.”
20 July 2021
1300 Eastern Daylight Time
Situation Room, The White House
Washington, D.C.
* * *
It wasn’t a full, formal meeting of the National Security Council, but it sure looked like it. The NSC’s job was to give the president recommendations and options. In this case, the question put to them had been “How can we convince the Russians to abandon their plan, whatever it is?” which inevitably led to another question: “What do we do about the Dragon complex?”
After a long day and equally long night, Bill Hyland had presented the council’s recommendations to the president early in the morning. Hardy had cleared his schedule, and following conversations with Lloyd and Richfield, had them clear theirs for an afternoon meeting.
Not every member of the National Security Council needed to be present. This meeting was about making a decision, and Hardy needed people who could help. Besides, since it was not a formal NSC meeting, Joanna could attend.
Andy Lloyd, one of the longest-serving secretaries of state in recent history, was the elder statesman. Richfield, as secretary of defense, had a good working relationship with Hardy and provided an overarching defense background beyond Hardy’s submarine experience.
Bill Hyland reviewed the NSC’s recommendations one more time. A few had been modified, based on viewing after a little rest. Some had been fleshed out with details, which led to one being removed from consideration. Hyland’s list represented the best American counters to Russia’s—Fedorin’s—campaign of disruption and annexation.
Hardy tried to suppress his reflexive distrust of economic sanctions. “None of these—oil, insurance, travel—are decisive enough. And they take too long.”
“They would have an effect, though,” Hyland argued. “Some of these were used when they annexed the Crimea, and the Russians kept telling us how they weren’t having an effect.” He smiled.
“They didn’t hurt enough to make them give the Crimea back,” Richfield countered. “And you can’t administer sanctions as a deterrent. Doing it after the fact won’t correct the damage the Russians will have done by that time. And it will probably strengthen Fedorin’s hand domestically. The old ‘is that the best you can do?’ taunt.”
Hyland offered, “I told the economists at CIA to see if they can generate a synergistic effect…”
“It won’t be quick enough, Bill. We’re talking about weeks here, maybe days, not months or years,” Hardy insisted. “We could freeze Russian assets here, and NATO could do it in every one of their member countries, and it still wouldn’t be sufficiently painful to
force them to pull back and rethink their plans. They’re close to finishing whatever preparations they need to make. They’ve spent a lot of money and effort to build that facility, and they’re not going to stop because we lock down someone’s piggy bank.”
“There still are no diplomatic options,” Hyland reported sadly.
Lloyd agreed. “There never were. Fedorin’s not interested in talking to us. We’re the people who destroyed the Soviet Union in 1991, and he wants payback. Remember his bio. His father and grandfather were both old school KGB. His dad worked with Putin, and Putin was Fedorin’s first boss, and mentor. His grandfather passed away before the collapse in 1991, but his father died in 1992. The official cause on the death certificate was cancer, but Fedorin always claims he died of a broken heart.”
Joanna Patterson, who’d been listening quietly, said, “And you think this is about revenge.”
The SecState nodded. “I’ve given this more than a little thought. Annexing the Baltic States, Georgia, Ukraine, and perhaps Moldova not only helps rebuild the old Soviet state, it weakens NATO, and humiliates the U.S. If we don’t stop them, then countries like Poland and the Slovak Republic will know they’re next on Fedorin’s hit list, and will wonder if we can do anything at all to protect them.”
“What worries me more than him taking over part of Europe is that he may be actually considering a preemptive attack using the Dragon torpedo. I’ve spoken to him twice,” Hardy explained. “The first was a formal congratulatory phone call when I was elected. That was cold enough. He spoke through an interpreter, and he said exactly what was required and ended it, as quickly as possible. The second was that Economic Summit in Mumbai. Joanna came with me.”
Patterson nodded agreement. “I remember that he didn’t even want to meet with you.”
“And when we met, it was completely formal, lots of people in the room, and he wouldn’t even look me in the eye. The idea of those meetings was to establish some sort of personal relationship between two national leaders. He didn’t want that.”