With all the recent news on the cyber-attacks on the Pentagon and Iran’s nuclear facilities, I thought I would post this to my blog.
A couple of months ago, I finished a series of blogs that were called Cyberkill: The Lost Chapters. These were unedited chapters that did not make it into the final book.
There was one chapter that I did not include in my series. It described what a cyber-attack would look like on the U.S. I left it out because it added additional length to an already long book, and I decided to literally cover the attack with just one paragraph and a short back-and-forth dialogue between two of the characters.
So here is the actual scene describing how a cyber-attack could play out on the U.S.
Ft Belvoir, MD
“Go to Info-Con BRAVO.”
The command came from Colonel Arden Bartley, Director of the Information Warfare Laboratory from the elevated platform that overlooked the IWL.
Watching the response, Bartley looked up at the colored bank of lights on the stainless steel tower overlooking the command and control deck of the Information Warfare Laboratory as they passed from NORMAL through ALPHA to BRAVO bathing the IWL from a green hue to a shade of blue.
He turned to the sergeant on his right. “Status,” he barked.
Tech Sergeant 5th class KC Stone, one of many ‘cyber-soldiers’ trained in information warfare, looked at the readout on his computer terminal then scanned the thirty foot by forty foot full color wide screen monitor that displayed a polar projection of the earth. Under it was a string of smaller 10 foot by 15 foot monitors focused on individual geographical regions dotted with symbols that stood for potential military and civilian infrastructure targets.
“Sir, civilian computer networks have been compromised by unknown cyber attackers,” he said with the cool professional demeanor of someone twice his age and experience. “The attackers used the breach to penetrate the Pentagon’s unclassified global computer network.” Adding, “The attackers have also compromised systems at the HQ of U.S. Pacific Command.”
Bartley turned to Travis Cole, the lead civilian contractor at the IWL. “Are you tracking this, Cole?”
Cole looked up from his computer terminal. “Yes. I’m following it.”
“Then do your AI magic.”
Cole ran his fingers over his keyboard searching through the display of programs scrolling on his terminal eventually stopping at one. Cole was an expert in Artificial Intelligence and among his other responsibilities at the IWL, was the creation of AI programs used to track and identify digital footprints of cyber-attacks.
“Confirmed existence of identified vulnerabilities and am installing patches.”
“Good,” Bartley replied. Once again he turned his attention to KC. “What does the Computer Emergency Response Team recommend?”
“CERT recommends disconnecting unclassified dial-up connections not required for current operation.”
“Then I want you to …” Bartley’s attention was suddenly drawn away to one of the 10 by 15 foot monitors above his head.
“Sir,” said KC. “CERT reports that cyber attackers have gained access to the national power grid.” Looking up at the small monitor, Bartley said, “I can see that.” Bartley knew if the attackers succeeded they could leave the US in the dark. “Take defensive action.”
“Can’t, Sir. The attackers have gained super user access.”
“Confirm,” Bartley demanded.
KC pulled up the latest computer analysis on one of the smaller monitors above his head. It read:
CERT ALERT: Intrusions gain super user access to 43 large scale network computer systems in US.
Shit, thought Bartley. We’re wide open. They have the ability to create new accounts, delete accounts – turn the entire damn system off!
“Go to Info-Con CHARLIE,” he demanded. The colored bank of lights on the INFO-CON status board passed from BRAVO to CHARLIE and the IWL was immersed in a burnt orange glow. “Sergeant. What do the info-war protocols recommend?”
KC flipped through a red three-ring binder by his desk, found the section he was looking for and replied, “Limit traffic to mission essential communication only. Reconfigure information systems to minimize access points and increase security. Reroute mission-critical communications through unaffected systems. Disconnect non-mission-critical networks and employ alternative modes of communication and disseminate new contact information.”
“Get it done,” Bartley said coolly. “Cole, anything yet on those footprints? Can you identify?”
“Working,” was his reply. “Got it. The attacks are coming from somewhere in Asia.”
“Find out where.” Bartley barked, “Status, Sergeant?”
KC looked at his terminal screen then sent the information to the monitor over his head.
CERT ALERT: Intrusions gain root level access to 36 of the Department of Defense networks. Sections of the U.S. power grid turned off. Three 500-kilovolt transmission lines extending from hydroelectric dams along the West Coast knocked out. Phone and electrical service interrupted throughout California and Oregon. Interruption cascaded throughout grid. Power plants offline in Rock Springs, Wyoming, in Hells Canyon, Idaho, and in Brush, Colorado. Outages in several western US states.
“CERT also reports intruders shut down parts of the 911 network in Washington, D.C., and other cities and…” KC paused and took a deep breath, “and have gained access to systems aboard a Navy cruiser at sea.” KC turned to Bartley and said ominously, “Sir, the U.S. Pacific fleet has lost command and control over the Pacific theater of operations.”
Could it get any worse, thought Bartley.
A cyber-soldier to the left of KC nervously reported, “CERT reports a computer-controlled chemicals factory just blew up in Detroit.” He looked at KC. “Took most of eastern Detroit with it.”
Bartley was quiet for a moment, then said, determined, “Go to Info-Con DELTA.” With that, the IWL was bathed in red light. “Sergeant, I want a list of proactive responses – now!”
KC turned back to his terminal and searched through the info-war protocols.
Bartley turned to Cole, “Have you found the source of the attacks?”
“Still working on it.”
“Sergeant. Do you have our response?”
“Put it up on the screen.”
PROTOCOL RECOMMENDATION: Isolate compromised systems from rest of network. Implement procedures for conducting operations in stand-alone mode.
“Execute – then get me an analysis of those civilian compromised systems. I want to know if any of them are Priority One Critical.” Looking at Cole in anticipation, he said, “Cole? Anything?”
“Got ‘em,” Cole responded. “The attack is coming from North Korea. We should…”
“Sir,” KC interrupted, “CERT reports the Palo Verde nuclear plant outside of Phoenix has been compromised. Their system contains what they think is a virus.”
“Cole?” demanded Bartley.
“I’m on it.” Cole gained entry into the nuclear plant’s computer control network and surveyed the system. The report was correct. There was an intrusion and an executable program was planted into the administration’s key control systems. But it wasn’t a virus. “The attackers, using a polymorphic engine, inserted a logic bomb into the control system.” Cole looked at Bartley. “If it goes off, that reactor could go critical.”
“Can you disarm it?” asked Bartley.
“I’ll try. If I can decompile the program, I can defuse the I-Bomb. But it won’t be easy.”
“Why?” asked Bartley.
“The compiler would have to generate substantially identical code, even with full optimization turned on, or it would have to recognize the individual output of every compiler’s code generator.” He added, “But my AI software should do the trick. It learns.”
“Can it learn fast enough?” asked KC, pointing to the display on the monitor overhead. “The IWL computer calculates the I-Bomb will execute in 3.5 minutes.”
Cole launched his AI decompiler and watched as it worked to beat the clock on the I-Bomb while Bartley and the others watched and waited. Lines of code were scrolling faster and faster through the overhead monitor as the little bit of digital intelligence sought to find the doorway into the I-Bomb.
One minute ticked by. Then two.
“Cole…?” Bartley said nervously.
At the three minute mark, the scrolling lines of code stopped. Hesitated, then displayed:
PROGRAM EXECUTED. THREAT NEUTRALIZED
“It worked!” Cole said with relief.
Bartley put one hand in his jacket pocket and walked over to the red phone on the command deck. He picked it up and said, “Get me the President.”
Turning to KC he ordered, “Prepare to commence Digital Storm.”