Say You're Sorry: A Gripping Crime Thriller (A DCI Campbell McKenzie Detective Conspiracy Thriller No 1)
Page 20
He had just started a war. And he was unprotected.
"Not for long," Tommy said to himself, reaching down to open the safe so that he could take out two handguns to protect himself with.
Momentarily confused, Tommy stared at the safe. His state-of-the-art digital safe.
Something was wrong.
There were no flashing lights on the front of it as there should be. Nothing inviting him to enter the safe's pin code.
Then it dawned on him.
The electricity was out.
And thanks to the accountant's latest mistake, McNunn couldn't get at his guns to defend himself. Was that part of Petrovsky's plan too, or just another fuck-up by the accountant that could cost Tommy his life?
It was just then that McNunn heard the footsteps in the hall.
Tommy froze. A chill went down his spine.
Someone was coming to get him...
-------------------------
Andheri
Near Mumbai, Maharashtra
India
Wednesday
3. a.m. India Standard Time (IST)
Anand was exhausted. For the past few days he had squeezed the life out of every second that passed, trying to stay ahead of the game and keep his plan on track.
He had become very focussed. To him, everything had become laser clear. He knew what he had to do, and although he didn't know exactly how it would be done, he was confident, as always, that he would succeed.
It was only a matter of time.
If at first he did not succeed, he would learn from his mistakes. And when necessary, he would get help from others on the Dark Web who would be only too pleased to assist him, although often for a fee.
In the old days, the world of the hacker was potentially a very lonely or solitary affair. Hackers wrote their own versions of software that did 'bad' or malicious things to networks or systems. Just what these pieces of software did really depended upon what the hacker was trying to achieve. Just how good and effective their malicious software - 'malware' for short - was, depended upon the skills of the geek that wrote the code. Hackers would lock themselves away in their own little garrets and use their skills and malware to try and hack their way into a network or computer system or server. Once inside, they would use their expertise to find ways of elevating their network user-privileges to that of an administrator or manager so that they could control the systems about them and effectively do whatever they wanted on that network.
Hackers used to vie with each other to show off and prove that they were better than each other. They mostly did things just to prove a point. Some, who were politically motivated, would use their skills to 'take down' the computer systems of 'evil corporations' with whom they disagreed, by launching what was called a 'Denial-of-Service' attack against that company, where the services of the targeted organisation were then denied to its customers or employees.
Today, it was a whole different ball game.
Increasingly hackers were getting into hacking for money. Not for any glorified ideas of defending what they believed to be right or attacking companies who they thought were evil.
Those that could and were criminally minded were increasingly organising themselves into teams of hackers who attacked banks, corporations or business with the specific intention of stealing money or 'ideas' - the patents and intellectual property rights of those who had inventions. Once they had this 'IPR' they would then sell it on to the highest bidder, potentially making a fortune.
Others were busy writing malware and selling it on to others who would then use it themselves.
Anand knew that nowadays it was practically a waste of time to write your own malware. What was the point in doing it, when you could go online, find a 'shop' that offered whatever type of malware you wanted, for whatever purpose you wanted, and then buy it within seconds for practically next-to-nothing? Within minutes a hacker could be up-and-running and doing whatever it was that they fancied doing.
The chances of getting caught were increasing, but only slightly, and in reality, the cyber world today was probably just like the Wild West used to be in California.
Today a skilled hacker could break into a bank, steal a lot of money... maybe even steal ALL the money, and then leave without even being noticed. In fact, Anand had joked to himself one day, instead of stealing money from a bank, a cyber thief could almost literally steal the bank, - without being noticed. It might be weeks or even months before someone noticed that tens of millions, even hundreds of millions of pounds could be missing.
Anand knew that it was happening all the time.
The only reason that most people didn't know about it was because when the banks found out, they didn't like to tell anyone else. The last thing a bank wanted their customers to think was that their networks - and the customer's money - was not secure. So they kept quiet about it.
All across the world today, cyber thieves were conducting the perfect cyber crimes. They were getting mega-rich, no one was noticing, and no one could track them down.
"Wham-bam-thank you ma'am, ... and now I'm going to buy my own island!"
Over the years, Anand had been collecting and building a library of pieces of code, and malware programs which he knew would come in handy when he needed them.
Knowing which malware programme to use for a target network was part of the art of hacking. First you had to know what computer systems and network security devices each network you were attacking had, and then you needed to know what the weaknesses or flaws in those products were. In Anand's experience, almost every network, every computer and every software program was full of such flaws. Each one represented a vulnerability which could be taken advantage of, and through which hackers could penetrate network defences or take advantage of computer programmes or systems.
Computer manufactures, and companies who sold software programmes for businesses and home users were continuously finding these vulnerabilities and releasing updates to their programmes which, in theory, would 'patch' the hole in the software through which hackers could squeeze. Unfortunately, most people and most businesses either never found out about the software updates that they were meant to install, or were too busy or too lazy to use these software patches to patch their vulnerabilities.
This meant that some old computer networks were still just as easy to hack into today as they were when they were first switched on, and the malware that hackers used years ago to attack some networks would possibly still be as effective today as way back then.
Of course, anti-virus programmes often learned to spot malware when it attacked networks, and learned to defend networks against them. This meant that hackers often needed to go out and purchase or rent new malware programmes that had been freshly written ... and which took advantage of the latest vulnerabilities which hackers had discovered, and for which software patches had not yet been created or released.
Over the years, Anand had learned many different ways to attack networks, to slip through corporate defences, and to find ways into computer programmes so that he could take control of them.
Sometimes it was hard. Other times it was dead easy.
Some networks were harder to get into than others. In an effort to defeat the hackers, they had built layers upon layers of defences which made it very difficult for the average hacker to get in.
That is, however, unless they knew where the backdoors were, or they could get someone in the company to inadvertently open a 'network-door' and let them in.
Finding a backdoor to a security system was often the easiest way. It was easy, simply because on the Dark Web it was possible to find websites that listed the various types of software programmes that existed in the world and which were used by businesses, and announced to the world what the backdoors to those systems were. A backdoor, as the name suggested, was a way to avoid the need to login to a system with a username or unique password, by using a special series of commands or a set username/password combination which
the person who had originally written that specific software programme had built into the system when they had created it. So why did the original software developers create these backdoors? Simply, because once their software programmes had been sold to and bought by other people or big businesses, the backdoors would make sure they could still access those programmes themselves, whenever they wanted, wherever they were, whoever had bought the programme from them.
Once hackers found out about these backdoors and published them on the Dark Web, any hacker in the world could access those systems, wherever they came across them in a targeted company's network.
The other simple way to get into a network was to get someone on the inside to let you in... Nowadays, this was often called 'spear phishing', and worked a little like this: a hacker would send the same email to thousands of people, maybe even millions of people, either targeting random made-up email addresses, or by getting a list of email addresses from a company they wanted to hack into. As much as possible, the hacker would try to get the email to look real and relevant to the person who would receive it. The purpose of the email was always the same: just to get the recipient of the email to click on a link presented in that email which would immediately execute a software command to start running a piece of hidden malware that was attached to that email. Like the Trojan Horse that was used to attack Troy, once that hidden programme was opened, software would escape and start to run around on the inside of the network, eventually finding the security gates that prevented other people from accessing the network, and then effectively opening those gates and letting the hackers in.
Once inside the network, the hackers would search for computer systems that they wanted to attack and take control over. When they found the systems they were interested in, they would launch new malware, or trick those systems into giving them access rights to take over the system, just as if they were the real IT managers of that company whose job it was to install the systems and run them.
All of this, and more, was second nature to Anand. It was part of his blood, part of his genetic make-up. As long as he had a laptop and an internet connection, he liked to joke to himself that he could hack into a computer network anywhere else in the world, and do whatever he wanted to that system.
Until now, Anand had never really ever done anything bad, although the definition of 'bad' was quite relative to a hacker. When launching a Denial-of-Service attack against a global fast-food company, for example, those who went hungry that lunch time and who were unable to order their hamburgers may view the hackers as bad, horrible and downright evil people. Others may view them as cyber heroes trying to protect the world from global warming and the abuse of power by global corporations.
In the past few days, however, Anand had changed. He knew that what he was doing now was wrong. It was against the law, although it was actually not so clear whose laws he was breaking. Anand was in India, and in order to get his revenge on Mr Thomas McNunn, he was hacking into global companies, whose servers and computer systems were being hosted in countries distributed throughout the world.
So, even if he was caught, who would prosecute him, and which laws had been broken and in whose country?
Good questions.
When he had originally conceived of his plan, everything he had planned to do was to achieve one end goal: to make Mr Thomas McNunn say he was sorry.
Over the past few days, however, this plan had morphed. At first slightly, but then significantly more.
Anand had decided that the only way he could truly obtain absolution for his part in the death of Jonathan was for Anand not just to make McNunn say he was sorry, but to actually, really, truly, make him sorry.
Then at some point this had again morphed, perhaps, into something even more.
Anand was going to go one step further.
He was also going to exact his own personal revenge upon Mr McNunn.
Not only was Jonathan going to make him say he was sorry, but step-by-step, byte-by-digital-byte, he was going to erase Thomas McNunn from existence in the modern world.
By the time he was finished, Mr Thomas McNunn would no longer exist.
Chapter 28
Tommy McNunn's House,
Edinburgh
Tuesday
10.15 p.m. G.M.T.
Tommy McNunn knew that he was drunk, and that in this state he couldn’t be light and nimble even if he tried.
The moment he started to move around the room in the dark, whoever was in the hallway hunting him would hear him immediately.
Although doing nothing was against every instinct he had, he knew, even in his drunken, befuddled brain, that lying low, not moving and staying silent was, right now, his best, if not only defence.
He could hear the person coming closer.
Light footsteps. Belonging to someone who was obviously trying to sneak up on him, assuming he was probably asleep in bed with all the lights out.
As he lay on the floor, trying to breathe as shallowly as possible, he cursed the accountant, making a mental note to exact some form of physical, painful, retribution for fucking everything up so badly.
If only Tommy had been able to get to the guns. He would have had the element of surprise.
A single quick bullet into whoever came into the room, and he would be safe.
"Tommy?" a voice called from the hallway.
Tommy's heart skipped a beat.
He recognised the voice.
It was Mrs McNunn.
“Charlotte? Here!" Tommy replied. "I'm in the study," he blurted out, and instantly regretted it.
What happened if she was with someone? If she was being held at gun-point?
Quickly, he lifted himself to his feet and stumbled clumsily towards where he knew the doorway to be.
His intention was to hide behind the door, and jump on whoever it was that might be with his wife.
Unfortunately, in the dark, and suffering from the whisky and getting up too quickly, he accidentally stumbled into the edge of the door and let out a cry of pain as he felt a sharp pain in his ribs.
"Tommy?" his wife immediately called out.
"Bastard!" he screamed loudly, wincing as he pushed away from the door back into the room.
There was the sound of hurried footsteps and a torch beam cut through the darkness and landed on his face.
Tommy staggered to the side, blinking and trying to see if she was alone or with someone else.
"Are you okay, darling?" she asked, concerned, reaching out to him.
"Are you alone?" he demanded to know, still ready to jump at whoever else might appear, although suspecting he would probably miss and just end up as a heap on the floor.
"Yes, darling. I am ..."
"So, what are you doing home? I thought I told you to stay in a hotel tonight!" he shouted at her, reaching out to steady himself against her arm, his other hand rubbing his ribs.
"I did try to. I went to the Balmoral. But they wouldn't give me a room."
"Why not?"
"Because they insisted that I had to pay a deposit, and all my cards were declined. Even my credit card."
"What?" Tommy asked, reaching out and taking the torch from her hand, turning it around and flashing it on her face. "Have you been crying?"
"Yes," she replied, quickly slapping his hand away, being blinded by the light. "It was so humiliating. There I was, insisting that we have tons of money in our accounts, and demanding that they try each of my cards repeatedly. Eventually the manager came, - he was very nice about it, but in the end he basically insisted that I should leave and not cause any more fuss. So I did. When I got back to the car, I called the bank to find out what the hell was going on. Tommy, all our accounts are empty. We haven't got any money left! We've been robbed!"
-------------------------
Tommy McNunn's House,
Edinburgh
Tuesday
11.00 p.m. G.M.T.
Tommy McNunn was shaking with anger and fru
stration.
He was staring at his computer. Strangely, there had been no problem powering it back up after it had switched itself off earlier when the electricity had all gone off.
Checking the battery, he had seen there was probably about thirty minutes of life left in it, so he had immediately tried to log on to his online bank account to check his wife's claim that they had been robbed. Only to confirm that there was no internet connection because his router was dead.
It was then that his wife had surprised him.
"I can set my phone to broadcast a Wi-Fi connection to you, and you can get the laptop to connect to the internet wirelessly through my phone."
Tommy had stared at her. Incredulously.
"How did you learn to do that?"
"I'm not just a pretty face," she answered back.
What was even more surprising was that it worked, and soon Tommy was online, staring at his bank balances.
They were all zeroes. His wife hadn't been joking. All his accounts, all six of them, were empty.
"This has got to be a mistake. This can't happen, right?" he said, turning to his wife, who was sitting beside him, peering over his shoulder.
"It has to be a mistake!"
"It had bloody better be. It's got to be some sort of computer glitch, right? I mean, this morning we had almost seventy thousand pounds spread across these accounts."
"Only seventy thousand? Where's the rest?" his wife asked, with a slight edge in her voice.
"Invested. Don't you worry. It's safe."
"Invested where?"
"Like I said, somewhere safe."
"So, tell me. What happens if something happens to you? I need to know."
"Nothing's going to happen to me, darling. You don't need to worry about that."
"In your line of work, I wouldn't guarantee that. Seriously, you need to tell me where the rest of it is. How much have we got now? Five million?"