Dr Jennifer Bowers opened the door of the conference room and switched on the light. The air smelt stale, although, thank God, since the smoking ban it no longer reeked of ashtrays. These internal rooms could be anywhere in the world rather than in a building overlooking the Thames. But it felt good to be here at Security Service headquarters in Millbank rather than some of the godforsaken spots she’d been posted to at times. Or even a satellite office in the UK – Manchester or Ludgate Hill.
She placed a brown leather portfolio on the table. Reaching over for the remote control, she switched on the two large television sets and watched as the video conference camera swivelled to face into the room. Her own image appeared on the left hand monitor and she adjusted the neck of her blouse then smoothed down her hair with the palm of her hand. Blonde with a touch of grey. Many people would have resorted to the colorants but she already had a lot of deception in her life.
She selected the camera setting for a one person conference and the image zoomed in on the empty chair facing the screens, just left of centre table. There was a coffee machine in the corner. She walked over and dispensed a cappuccino in a paper cup before taking her seat and carefully arranging her belongings: laptop, notebook, pens, pack of tissues. Preparation was the key to control in any situation. She looked at her watch and took a sip of the coffee.
The incoming call came exactly at one o’clock. The sound of a ringing tone over the loudspeakers and the right hand screen flashed into life. The caller was younger than her – perhaps in his late thirties – his hair cut in the American style, as short as clippers could make it. He was wearing a checked sports coat.
“Good morning, Allan,” she opened the call. “I’m sorry to get you up so early but my diary’s full for the rest of the afternoon.” Allan Jacobs was her main CIA contact, often just for routine arrangement of the formal meetings between the heads of their respective departments; occasionally, as now, when something unexpected came up. He was a high flyer. But reliable, that was the main thing. And he didn’t share the tendency to panic that marked some of his colleagues.
“No problem. I knew last night was short notice and I’m always in by seven thirty.”
“And what’s so urgent in Washington that it couldn’t wait for tomorrow’s joint committee meeting?”
“I wanted to touch base with you ahead of the meeting. We have an anomaly and I wanted to check whether you’d picked anything up on your side of the pond.” The American smiled, his expression momentarily distorted by a ripple in the picture before it settled down. “We think there’s a very sophisticated piece of malware out there. It may be disguising itself as a System Idle Process.”
“Can’t say that I’ve come across that one.” Jennifer frowned. “But what do you mean, ‘may be’? Have you detected it or not?”
“Good question. Quite by chance, we came across some hidden files on one of our restricted systems after a scan of the registry showed that one of them would auto-load at Start-up with the name ‘System Idle Process’.”
“And it wasn’t a system file?”
“Not at all. And this system was running Windows Seven. System Idle Process was something from the old Windows XP system. Win 7 doesn’t have an idle process anymore.”
“I suppose your forensic people had a field day with that. What did they find?”
“Absolutely nothing,” the American said flatly. “Nada. Zilch. Nobody had touched the computer but the suspect files were gone. The registry was clean.”
“Might someone have been imagining things?” Jennifer raised an eyebrow.
“We thought that too. So we checked a few other machines in the facility. Same pattern. The first few we checked had the registry entries and the files but as soon as we started to look for the details they disappeared. Then, after a couple dozen systems where every one was positive all the rest were clean.
“By this time we were getting nervous. I won’t tell you where these systems were but they got max attention. Our techies pulled them apart and went over the disks with a fine tooth comb. Then we checked the BIOS that allows the computer to attach to disks and load programs. It had been altered!
“And not only on the machines that had tested positive. On the other machines as well. Whoever wrote this thing knew exactly what they were doing.”
“Good Lord!” Jennifer exclaimed. “Have you found out who did it?”
“Not yet. There isn’t much to go on. All we know is that it seems to be more sophisticated than an amateur could produce. We can’t rule out terrorism or even a hostile government but it isn’t even clear yet that we've got a fixed signature. We think there’s a link to the BIOS modification but that’s not certain. That’s why we wanted a check with your people.”
“What’s the payload? If we think about the damage it’s going to do, perhaps we could work backwards to who’d have a motive.” Despite her computing background, Jennifer knew that the human element was usually the best place to start.
“We’re working on that but you have to believe me when I tell you this thing is well engineered. The boys in the lab are concentrating on trying to capture a live example on disc but so far they haven’t managed it. Their idea is to fry a processor before it can delete the intrusion and then mount the disc on a clean machine but so far they haven’t been quick enough. I know it sounds stupid but it almost seems as if, as soon as they choose a machine to inspect it gets cleared up.”
“How can you be sure that the problem is still there if you can’t see it? Are you seeing threats where none actually exist, perhaps?”
“We can’t be sure, is the bottom line. But the symptoms are there. Unknown, encrypted traffic streams on the network. Peripherals – webcams and microphones – switched on when they shouldn’t be, system closedown disabled. A systematic pattern of odd things that you’d dismiss in isolation.
“And in any case, we can’t just leave it. Even if it eventually turns out to be a false alarm, we have to investigate. Our whole military and security apparatus is jeopardised until we clean this. We have to view anything as carefully engineered as this as being potentially hostile. This is the front line of the cyber war and we can’t be too careful.”
“Chinese? Iranian? Russian? Does anything push you one way or another?”
“Not even a smell.” Allan laughed. “And the trackers have been out sniffing for a week. You can understand that our people were reluctant to ask for help on this one but, in the end, we had to alert you and ask you to check a few of your systems.”
“So do you want this on the agenda for tomorrow?” Jennifer asked.
“Not unless we find something more. No need to raise the alarm as yet. The last thing we need is to feed questions we can’t answer to the innocent Senior Citizens.”
“Quite,” Jennifer said carefully. She had to trust Allan’s judgement that this wasn’t imminently about to blow up. “But some urgent investigation sounds like a wise precaution. And judging when to tell them’s going to be a delicate choice.”
No comments:
Post a Comment