The Standards Blog

Life Imitates Art in Cybersecurity (Again)


Have you discovered The Alexandria Project?

Well, it’s an interesting world we live in, isn’t it?  I say that because one of the lines I came up with to promote my cybersecurity thriller, The Alexandria Project was, “It’s only fictional in the sense that it hasn’t happened yet.”  There wasn’t much question in my mind that this statement would prove true, but I hadn’t expected that it would happen so quickly, and even so precisely.  In the latest example, it almost makes you wonder whether those involved have read my book.

The first time around, it was a missile test by the North Koreans that left people wondering whether the launch might be a mask for something more sinister. You can read about that episode here. Now, further details have come to light regarding a major assault by attackers unknown against Aramco, the world’s largest oil company.  The virus introduced via that break in accomplished the impressive feat of wiping clean the hard drives of three-quarters of the PCs of Aramco’s 55,000 employees. When those users returned to work after a religious holiday and tried to open a file, any file, this is what they saw instead: an image of a burning American flag.

If you’re a long time reader of this blog and that sounds eerily familiar to you, well it should. Remember this? - 0000 - 0001 - 0010 - 0011 - 0100 - 0011 - 0010 - 0001 - 0000 -  Frank snapped open his laptop and punched the keys with fury, rushing through the complicated log-in sequence that would take him into the heart of the Library of Congress’s system, where his proposal was archived. Highlighting the file name, he hit the entry key, leaned back, and waited for the proposal to display. Except it didn’t. Frank leaned forward and poked the Enter key again. Still nothing. Perhaps his laptop was frozen. But no - he could still move his cursor. Then Frank noticed that something on the screen was changing: the background color was warming up, turning reddish, orange and yellow, as if the sun was rising behind it. Now that was different! Frank watched with growing astonishment as the colors began to shimmer, and then coalesced into shapes that might be flames. Yes, flames indeed – but not like a holiday screen-saver image of a log fire – this was a real barn-burner of a conflagration! Frank wondered what kind of weird virus he’d picked up, and how. After all, he was an IT security specialist, and if any laptop was protected six ways to Sunday, it was his. So much for whatever he had planned for today; he’d have to wipe his disk and rebuild his system from the ground up. He was about to shut the laptop down when he saw that the flames were dying away. Now what? An image seemed to be emerging from behind the flames as they subsided. Frank leaned forward; the image became a tall building - maybe some sort of lighthouse? Underneath, there was a line of text, but in characters he couldn’t read. Truly, this was like no virus he’d ever seen or even heard of before. He reached for his cell phone and took a picture of the screen just before it suddenly went blank. Frank was impressed. Whoever had come up with this hack certainly had a sense of style. A weird one, but hey, graphic art of any type wasn’t the long suit of most hackers. Frank got a pad of paper and a pen from his desk and punched up the file directory again, highlighted his proposal, and pressed the Enter key again. This time, he would watch more closely and take notes. But all that displayed was a three word message: “File not found.” Frank tried again – no luck. He did a search of the entire directory using the title. Nothing. His proposal was gone. Now he was alarmed. After all, the directory he was staring at was in the innermost sanctum of the Library of Congress computer system, and the LoC was the greatest library in the world. Within its vast holdings were books that could be found almost nowhere else on earth. Recently, the Library had begun digitizing materials, and then destroying the physical copies. If someone had been able to delete files in the most protected part of the Library’s computer system, what else might be missing? Frank raced through a random sampling of sensitive directories, and then let out a sigh of relief; it was hard to tell for sure, but everything seemed intact. He checked the server logs for the Library’s indices, holdings and various other resources; everything appeared to be undisturbed, with no unusual reductions in the amount of data stored. Frank drummed his fingers on the table in the cramped dinette. How to go about figuring this one out? Then he remembered his cell phone, and sent the picture of the screenshot to his laptop. The picture wasn’t great, but once he enlarged it he could tell that the characters were Greek. He cropped the image until just the text remained, then ran it through a multi-script OCR program to turn the picture of the Greek characters into text. Finally, he pasted the text into a translator window. No luck – all he got was a “cannot translate” message. Frank’s fingers started drumming again. He reopened the drop down menu of languages in the translator screen and noticed another language option was “Ancient Greek.” He highlighted that choice and hit Enter. This time, the screen blinked. Frank looked, and then he blinked, too. But the translation still read the same:    THANK  YOU  FOR  YOUR  CONTRIBUTION
TO THE  ALEXANDRIA  PROJECT   - 0000 - 0001 - 0010 - 0011 - 0100 - 0011 - 0010 - 0001 - 0000 -
  If that whets your appetite to read the rest, you can buy the complete book, extensively re-written, at Amazon, Barnes & Noble, iTunes, and all of the other usual outlets.