The Alexandria Project, Chap. 10: Good Boy, Carl!


“Oh, good morning Agent Cummings! Mr. Marchand would like to speak to you.” The normally sullen receptionist smiled brightly at the handsome young agent.
 
“That’s nice. I’ll get around to it.” 
 
“Oh, but he said right away – just as soon as you arrive. He’s in the conference room right there.” Mary pointed to the door at her right.
 
Carl gave a nonchalant smile and walked on. Who was George to be telling him what to do?
 
Ten minutes later, coffee cup in hand, he strolled past Mary again, rewarded her with a smile, and opened the conference room door without knocking.
 
To his surprise, he saw his CIA boss sitting next to George, and next to him, the head of the CIA’s cybersecurity division, Michael Armstrong. He got a much bigger surprise when he heard Armstrong call George “Sir.”
 
Carl slipped quietly into an empty chair and decided it was high time he started listening more carefully to what George had to say. 

 

“So that’s the news on the political front. Mike, give me an update on the attacker profile. Dave and I will play devil’s advocate.” 

“Unfortunately, we really don’t have a profile, Sir. There’s no end of possibilities for who we could be up against, once you assume that this whole Alexandria story is just a pile of crap.”
 
Carl’s boss interrupted him. “So let’s stop right there. Why should we assume it’s bogus?”
 
“You missed our last meeting, Dave. It was an attack just before that meeting that sealed it. They not only deleted files, but we were able to confirm that they were able to decrypt them as well.  What’s important is that these were "litmus test" files that we had planted as bait.   We know the encryption algorithm has been compromised before, but we don’t think the bad guys know we know that they’ve got it.  So we use it when we want to pass false information to enemies we know will be able to decrypt the message – or, in this case, when we want to know whether we’re up against the pros, or just amateurs without access to supercomputers.  So in this case, we don’t think it’s likely that any bunch of cranks would have been able to get ahold of the algorithm from someone that had it, or would have the skills to crack it themselves.”
 
 “So if the Alexandria story isn’t genuine, why are they playing around with us? Why don’t they just do whatever it is they really want to do and skip the theatrics?”
 
Mike shrugged. “Well, it may be that they need to test their techniques to be sure they work before they pull the trigger on what they’re really up to. Or maybe they still haven’t figured out how to get to what they really want. Either way, they might have figured we’d detect them before long.”
 
“OK, that’s conceivable. But if it’s not really about book pulping, why are they hacking the Library of Congress?”

Mike pointed to George. “The same reason that Mr. Marchand’s cover is to be the head of the IT department here. Since the LOC is the secret testbed for security systems for the entire government, if they can crack the most secure servers he’s got, they can get to anything in any agency. They’ll even be able to do that next year, after we roll out the new wave of security the LOC is almost finished testing now.” 
 
Mike continued. “So let’s agree to assume that the whole Alexandria story is just a cover to throw us off track. If that’s the case, the letter Mr. Marchand got this morning is brilliant, because now we have to treat the Alexandria Project like a real danger whether it’s a sham or not. Any day now, the cover could blow off if they decide to swipe a file and someone calls the papers – hell, if they decide to start swiping files from the papers! We can get MIT and Google to play ball with us, but we can’t play whack-a-mole with every damn server owner in the country.”
 
George interrupted this time. “Let’s move on. So now that we’ve decided that we’re not dealing with a bunch of Internet-Luddites, who should be on the suspect list?”
 
Mike shrugged. “Where do I start? The Russians have been sabre-rattling against us ever since the President announced he supports inviting the last of the former eastern bloc countries to join NATO. 
 
“Meanwhile, the Koreans have their hair in a knot because the President is sabre-rattling against them. They’ve been firing off missiles every other day this week to show how tough they are. Of course, the Iranians hate us recreationally to begin with, but since the West finally got their President Ahmadinejad to back off a bit on his beloved nuclear program, his position has been shaky. If he doesn’t figure out a way to make us look bad again, Ayatollah Khamenei may throw him out of the boat to protect himself.
 
“Next, there’s China. They’re pissed at us over all the things we’re pissed at them about, because we’ve been public about it. They prefer to discuss these things discreetly behind the scenes. Maybe they figure that if we’re going to hammer them for harboring cybercriminals anyway, they might as well get something out of it.”
 
Mike paused. “And then there’s the French.” Everybody in the room rolled their eyes.
 
“Let’s not even talk about the French,” George interjected.
 
“Good call, Sir. So to sum up, we’ve got plenty of eligible suspects, but nothing to lead us to focus on one over the others. And it sounds like we’re just as much in the dark on the technical side, too.”
 
“That’s not quite true, Mike,” George replied. “We do know they can get past our firewalls at will, even while we’re scanning our system in real time and can’t find evidence of a single unauthorized port. That means even if they had installed a trapdoor to begin with, they’re no longer using it. So they must be able to fool our system into thinking they’re an authorized visitor.
 
“We also know that we can’t catch them when they enter, or track them once they’re in. My best guess is that they enter during a time of heavy traffic, and have figured out how to change their identity every few seconds once they’re in. That way they don’t leave any breadcrumbs for us to follow. Shortly after logging in, they update the code we can’t find that steals the files, or maybe they delete it and plant it again somewhere else, and then log out. Hours later, it executes, and bang! – we’ve been had again.”
 
The CIA men absorbed that for a moment. Then Mike spoke up.
 
“So how about your boy Frank? Has he come up with anything yet?”
 
At that, Carl sat bolt upright, spilling half of his still-steaming cup of coffee into his lap.
 
Noticing his presence in the room for the first time, the others turned to watch him thrashing away at himself under the table.
 
Suppressing a smile, George decided to cut Carl a break. “Perhaps we owe you a bit of an apology, Carl. You see, Frank isn’t on the suspect list at all. Never has been. But he really is a genius when it comes to security. If anyone is going to figure out what’s going on here, it’s him – but only if he really drills down on it. And that’s not Frank’s strength.”
 
Flustered, Carl ignored his junior status and asked, “So you played me off to set him up?” 
 
“Actually, Carl, I set him up more than you did. You see, the weekend Frank’s file disappeared wasn’t really the first time the Alexandria folks hit. We’d been losing files for two weeks before that, and had gotten nowhere. So I taped their contribution message, removed Frank’s file myself, and left the video for him to find. Your part came later, and you played it perfectly – just as we had hoped.
 
“Frank has been knocking himself out analyzing how these files are disappearing ever since instead of doing his day job like he’s supposed to. And starting next week, he’ll be able to work on this full time, because I’m putting him on administrative leave.”
 
Carl was trying to calculate whether he’d been made to look stupid or not, and he didn’t like the way his math was coming out. This meeting had been just one surprise after another. What could possibly happen next?
 
George obligingly supplied the answer. “Which brings us to why we’ve asked you to attend this meeting, Carl. Now that you know what’s really going on, it’s time you were reassigned.”
 
OK, that was a surprise. To what?
 
“When you walk out of this room, your new full-time job is to protect Frank Adversego, without him knowing it, and without allowing him to guess that he’s no longer a suspect. Among security people that matter – here and abroad – Frank is very well known. He’s still a go-to guy for anyone who is anyone in cybersecurity, and online he can go anywhere and be in touch with anyone he wants to.
 
“Whoever is really behind the Alexandria Project will assume that Frank is playing a key role in trying to lock them out. We need to assume that they will be more than willing to do anything necessary to prevent him from doing that.”
 
“Do you understand?”
 
Carl nodded, adding “Yes Sir” in response to a glare from his boss.
 
“One last thing,” George added. “As you know, Frank has a daughter named Marla. The next best way for the bad guys to get to Frank would be to get to her. So the second part of your job is to do everything necessary to protect Marla. We’ll make sure you have access to the resources you’ll need to cover both of them.”
 
Carl looked down at the table.  He was beginning to feel ill.
 
“Good. Then this would be an excellent time for you to get started, don’t you think?”
 
“Yes Sir,” was the only available response, so Carl stood up, yes sired George, and left the room, ears burning and empty coffee cup in his hand.
 
Mary, of course, was lying in wait for him. “Did you have a good meeting, Agent Cummings?” she asked brightly.
 
Carl tried briefly to recompose his face, and gave it up. “Actually, I found it rather disillusioning.” He set his coffee cup on her desk, took his coat from the closet, and left her sitting, puzzled, at the reception area desk.

 

– 0000 – 0001 – 0010 – 0011 – 0100 – 0011 – 0010 – 0001 – 0000 –


Comments (6)

  1. Did not see that coming. Or did I 😉

     

    A question. You write "They would have needed a couple hours of supercomputer time to break the code and decrypt those documents."

     

    This one puzzled me.

     

    It is obvious that no amount of available computer time will crack the encryption of a "modern" cipher. And I do not believe for a second that AES and the likes have backdoors. However, most people use weak passwords, so I assume that LOC documents are stored with 8-10 character standard letter passwords. That would make sense if the LOC was used as a test bed for ordinary (bad) security habits.

     

    On the other hand, a simple 10 character password with obvious Capitalization and numb3r subs71tu710n would probably not be more problematic than a 50 bit password. And the password will be reused anyway so subsequent documents from the same users will be trivial. 50 bit strong passwords can be handled by an array of video cards. That is not what you would consider "hours of supercomputer time".

     

    I feel like I miss something. Or not?

     

    Winter

    • Winter,

       

      [Geeklog has decided that some innocent word here is actually a spam warning flag, so I’m going to have to delete paragraphs until I find the one that has the problem word]

      I’m sure you’re not missing something at all, and I appreciate the comment.  I probably need to rework this.  What I was driving at is that there are a variety of ways to make a system more secure.  Vis-a-vis the Internet, of course the best thing to do is to isolate the system entirely.  Even then, passwords would remain essential, as would lead shielding or a sufficiently big guarded perimeter to prevent electromagnetic tracking, and so on.

      As I expect you already know, for a site that is vulnerable to an Internet-source attack, one additional line of defense is to have end-to-end encryption, so that data not only enters in encrypted form, but stays that way, being unencrypted only when it’s actually in use, after which it gets re-encrypted before being stored again. 

      By the way – you sent me an email a while back that I tried to reply to, but couldn’t.  I got a message saying that your server probably didn’t accept it.

      Best,

        –  Andy

    • Winter,

       

      OK, here’s a rephrase of the problem paragraph, which would have been the second to the last:

       

      Since I’d already said that they’d figured out the password part, I was trying to come up with a new level for them to breach.  I’ll go back and edit the problem sentence when I get a chance later today to use a different way to make the same point.

       

        –  Andy

  2. I’m enjoying the book. I love mysteries. This chapter completely threw me. One idea: a crib sheet for who is who. I was lost for a while when the people were talking, trying to remember who George was.

    And please throw in as much technical detail as you can. Frank’s world revolves around the technical side of security, and it won’t be as real without it.

    • @Inxwalt,

       

      I’m glad you’re enjoying the book, and by "threw" I hope you mean in a good way (i.e., I surprised you).  I like the idea of the crib sheet a lot, and will try to fit that in before the next chapter, so thanks for the suggestion.

       

      Speaking of suggestions, since I’m a lawyer, and not a programmer, advice on the technical side is always more than welcome.

       

        –  Andy

  3. First time I hear about the Alexandria Project. I am a huge fan of mysteries and science fiction so I’ll be glad to check it out. Thanks


    griddle
