Tom Clancy Enemy Contact - Mike Maden Read online

  “So basically we’re cops who are going to break into the mayor’s office so that he keeps putting cops on the city payroll.”

  “Or, ideally, hires even more. Anyway, that’s why I wanted to talk to you about the next Red Team attack. Where are we on the PassPrint program?”

  Watson was referring to the CloudServe research program Fung was heading up, using AI to create a master “passkey” of AI-generated fingerprints.

  In theory, every human fingerprint was unique, and in theory, only the human possessing the unique fingerprint could pass through a biometric screener. The intelligence community had fully embraced biometric security, and their fingerprint scanners were top-drawer.

  However, a couple flaws existed in every biometric scanner, even the high-dollar ones favored by the federal government, including the one on Watson’s desk.

  Just like computer virus scanners, fingerprint scanners worked by comparing data inputs—a finger placed on a screen now compared against a known database of fingerprints. If the new scan matched the prints on record, entrance was granted.

  The problem was that most people didn’t provide complete fingerprint scans for the database for all kinds of reasons, most of them human error, such as oily fingers or dirty recording glass. The same was true on the other end, too: Oily fingers and dirty scanner glass on security machines read only partial prints.

  Therefore, all biometric scanners were only able to compare partial prints to partial prints.

  It also turned out that while every complete human fingerprint was unique, portions of every fingerprint—arches, tents, whorls—were startlingly similar.

  The Red Team decided to try to exploit these flaws by designing an AI-driven program that built millions of fake fingerprints into a single master passkey, not unlike the ones maids used to enter hotel rooms, even though each door lock had a unique passcode. By generating enough digital arches, tents, and whorls, the PassPrint passkey would display enough fingerprint similarities to fool any biometric system.

  “I just ran the last of the simulations last night,” Fung said. He smiled. “I think we have a winner on our hands.”

  “That’s fantastic. Because I think I know the perfect way to deploy it.”

  21

  Deploy the PassPrint how?” Fung asked.

  “When I was at the Fort Meade conference with Foley, there was an analyst, Steve Hilton. Very quiet, very smart. He’s the IT director at the Department of the Treasury’s Office of Intelligence and Analysis. We struck up a conversation over coffee and he happened to mention his department needed a new printer, but there was some snafu in the paperwork and it wouldn’t arrive for another two weeks.”

  Fung shrugged, irritated. Is there a point to your stupid story? “Okay.”

  “I want to put a worm on his wireless printer that will jump from there to his computer.”

  “How? The Feds have bulletproofed their wireless devices.” Fung frowned. “But you already know that.”

  Watson accepted the compliment with her own shy smile.

  In her first meetings with Foley and the IC Cloud committee, Watson pointed out the unbelievable fact that throughout the federal government there was no comprehensive program in place to ensure that civilian or military systems didn’t contain integrated circuits with malicious functionality. American combat jets could be firing missiles at Chinese fighters with microchips designed by the PLA—and designed to fail. These malicious integrated circuits, if they existed, could be installed anywhere, including combat systems, medical devices, communication networks, and, of course, the computers used throughout the intelligence community.

  As seemingly insurmountable as that problem was, Watson was even more concerned about the fact that there were literally millions of devices throughout federal government offices with the potential for spying applications.

  The federal government didn’t manufacture the everyday devices required to run a modern office. Printers, phones, computer monitors, HVAC thermostats, and other commercial off-the-shelf (COTS) devices were manufactured and distributed by thousands of private vendors. Many, if not most, were not only manufactured overseas, but contained software or firmware created without any kind of security protocols.

  Worse, most of these machines were created to function wirelessly, not only for automated “machine-to-machine” software and firmware updates, but also for energy and work efficiencies.

  Globally, the so-called Internet of Things (IoT) comprised more than twenty billion devices, and that number increased exponentially each year. Millions were already in operation in the United States. Many of these IoT devices might already be compromised by foreign actors with bad intent.

  Watson had no solution to the first problem of compromised integrated circuits; she learned later that DARPA was launching the TRUST in integrated circuits program to address it.

  But Watson did have a very practical solution for the IC regarding the problem of a compromised IoT—get rid of every device and start over with certified equipment protected by IoT security protocols. It was an expensive solution, but far cheaper than the cost of a compromised intelligence community.

  Foley agreed, and under her leadership, closed-door congressional budget committees were dragged across the finish line and the costly cleanup process nearly completed.

  In short, it was impossible for Watson’s IoT worm attack to succeed.

  Or was it?

  “‘Bulletproofed’ is exactly what I’m talking about,” Watson said. “Foley and her people think that the IoT problem is solved now. That means they’re not looking in that direction, so that’s where I want to hit them.”

  “How? Every federal vendor is registered and must pass through their biometric security system. It isn’t possible unless—oh, snap.” Fung grinned. “Our guy will use the PassPrint device to get past security.”

  “Exactly. And with the compromised printer in place, we can count on Mr. Hilton to hand-deliver our worm into their system.”

  “After it’s in his computer, the worm could go anywhere in the building, and, hell, after that, the entire IC. God, I love it.”

  He really did. The spy stuff gave him a real boner. It was why he loved this job. Better still, Watson clearly wasn’t sniffing him out for anything suspicious. It was like she was describing the tantric sex the two of them were going to have that night without her realizing he was already sleeping with her boyfriend.

  Awesome.

  Watson added, “I know it’s a long shot and there are a lot of moving parts, but if we can pull this off, we’ll nail that new multiyear contract with the Feds we’ve been angling for.”

  “This is so very John le Carré of you. I’m impressed.”

  “Thank you.”

  Fung rose. “I’ll get right on it.” He turned to leave, eager to jump into a project that he could get excited about and dodging a bullet all at the same time.

  “Oh, wait,” Watson said. “There’s just one more thing.”

  Fung turned around, grinning. “Yes?”

  “I was lying in bed last night and it suddenly occurred to me that there’s an issue we never got resolved. I came in early this morning and looked at my notes and I don’t see a conclusion.”

  “What issue is that?”

  “We talked about an exploit that we thought might have existed in the CIA comms terminal at the NRO.” Watson frowned. “If someone broke into that terminal, they would have eyes on every piece of secured intel throughout the IC. It would be another disaster.”

  By “another disaster,” Watson was referring to the breach several years prior of the CIA’s Internet-based secure comms program in Iran. It had been compromised by a double agent and, of all things, a simple Google search. A similar breach occurred in the same system deployed in China. Agents, assets, and networks were rolled up in both countries before an
yone knew what had happened, putting all global clandestine operations at risk. A number of invaluable in-country assets were either imprisoned or killed as a result, undoing decades of fieldcraft.

  The Feds abandoned the flawed Internet-based system and instead put laser focus on securing all IC communications behind the impenetrable IC Cloud.

  If that system were subsequently breached?

  “Yeah, a disaster for sure,” Fung echoed, his mind racing as fast as his heart.

  But panic was the mind killer, and his mind was his best weapon. He took a deep breath through his nose, willing his heartbeat to slow.

  Think, damn it!

  Does she know? Is she just fishing? Testing my response? Trying to get me to confess?

  No. If she knew anything for sure, I’d already be in handcuffs. Hanlon’s razor applies here, or Occam’s.

  After all, she was the one who pointed out the flaw to me—it’s how I found it in the first place, and exploited it. She raised it before, and now she wants to close the books on it, that’s all.

  “Oh, that’s right. I remember now. We thought there was a problem in the code that would have allowed an external machine to read into the mirroring function. I double-checked it. There wasn’t a problem. The security protocol was just in a different part of the script.”

  “Did you test it?”

  “Yes.”

  “How? You can’t access the NRO machine remotely. Did you go out to Virginia?”

  “No. I was too under the gun around here for that. I just uploaded the code into one of our simulators here on premises and tried to break into it from my workstation. Couldn’t do it.”

  “You think that’s good enough?”

  “I’d bet my life on it.”

  “Whew. That takes a load off. I’ll make a note in my records. Thanks for taking care of that.”

  Fung shrugged. “It’s my job.”

  Watson leaned back in her chair. “You really are always one step ahead, aren’t you?”

  Fung smiled. “I try, boss. I try.”

  22

  SAINT PETERSBURG, RUSSIA

  The port of Saint Petersburg was a twenty-four-hour-a-day operation, the busiest commercial terminal on the Gulf of Finland, feeding into the Baltic Sea.

  At some sixty million tons of cargo a year, Saint Petersburg was also one of Russia’s busiest ports, but with a variety of Western embargoes in place, that wasn’t saying much these days. Rotterdam—Europe’s busiest port—serviced nearly seven times as much. Saint Petersburg hosted all kinds of shipping traffic, including big cruise liners, tankers, and RoRo ships. But container ships and their standardized intermodal containers made up the bulk of operations.

  The big steel boxes had revolutionized commercial shipping traffic, expediting loading and unloading from ships to trucks by many orders of magnitude. That was the reason more than twenty million containers were in service around the globe.

  Thousands of them were neatly stacked and organized according to ship destination in the first cargo area of the Saint Petersburg harbor. But tonight there was only one intermodal container that Officer Sergei Burutin was worried about.

  The one right in front of him.

  Burutin was perched on top of a rolling ladder. The container in question was the second of three in a stack eight meters high in one of the four orderly rows demarcated by a numbered yellow line. The thousands of multicolored stacks of steel containers all across the first cargo area were similarly organized and all precisely arranged like a giant English garden maze. Each intermodal container bore an ISO code—the international standardized letter and numbering system identifying country of origin, container type, owner/operator, serial number, and check digit.

  The still night air was chill and damp, the stars hidden behind a bank of low clouds bathed in the yellow glow of the port’s blazing sodium lamps. Men shouted over the din of rumbling cranes, clanging steel containers, and revving diesel engines at the busy facility.

  The anti-smuggling inspector checked his handheld RFID reader again and cast yet another glance back up at the overhead security camera—out of order for more than forty days now, according to the maintenance report he checked earlier.

  Strange.

  The camera covered operations for a thousand square meters of the staging area, an absolute necessity for his department, always seriously understaffed by the pencil pushers back in Moscow. He was new to this side of the port—in fact, this was his very first day of duty as a newly commissioned inspector—but he had a hard time believing they were any less concerned about the illegal transportation of chemicals, weapons, or persons in Saint Petersburg as they were back at the training academy.

  “Is there a problem, tovarich?” a man asked from down below.

  Burutin turned around. A large, bearded man in beige maritime coveralls and a light winter coat smiled broadly at him as he approached. A slightly built Asian man, ten years younger and half a head shorter, followed right behind him, similarly dressed.

  Burutin climbed down the ladder and shook the older man’s extended hand, lowering the pistol-gripped RFID reader by his side.

  “Name’s Voroshilov.” The bearded Russian threw a thumb over his shoulder, pointing at a rusty blue-and-white freighter docked a hundred meters behind him. It rode high in the water, its first container not yet loaded. “I’m the captain of the Baltic Princess.” He nodded to the Asian. “And this is my chief mate, Mr. Wu.”

  Wu nodded with a forced smile.

  The smooth-faced young inspector’s small hand was crushed in Voroshilov’s iron grip. He returned the same as best he could. “Sergei Burutin, at your service.”

  “We haven’t met before,” the captain said.

  “It’s my first day on the job.”

  “In Saint Petersburg?”

  Burutin squared his shoulders, trying to hide his insecurity. “Anywhere.”

  “Congratulations. It’s an important job.”

  “Thank you.”

  “Where is Oleg? He’s supposed to be on duty tonight.”

  “Officer Konev called in sick earlier. I’m his substitute.”

  “Oleg is a good man. Keeps things moving around here.”

  “I’ve never met him.” Konev was out with a hangover, according to one of his comrades back at the office. Not an unusual thing.

  The burly Russian captain wagged his head, thinking. Finally, he pointed up at a red steel container. “It looked as if you were having a problem with that container.”

  “Yes, as a matter of fact.”

  Burutin climbed back up the ladder. The lockbox on the double doors was padlocked, but the four vertical lock rods were not, as was customary. But one of the lock-rod handles was shut tight with an anti-terrorism supply chain device known as a CTPAT bolt. The certified bolt seal was embedded with an RFID chip and set through the catches. The RFID chip contained all of the data needed to identify the interior contents, content origin, and destination.

  In most cases, the cargo shippers themselves installed and removed the CTPAT bolt seal in order to ensure accuracy and security in transit. But containers subject to legal inspection could be resealed only with new bolt seals and identified as such.

  Burutin flashed the RFID gun at the bolt seal again, then came back down and showed it to the Russian and chief officer. The RFID readout flashed another error message.

  “You see? The contents of this container don’t match my database.” The three of them were standing at the foot of the ladder.

  “What do you mean?”

  “This container was inspected by my department yesterday and bolt-sealed by us, but this is not the bolt seal that was attached yesterday, according to the reader. That’s illegal.”

  The chief officer pointed at the RFID device. “Perhaps your reader is malfunctioning.”

/>   “The error message indicates a problem, not that the reader is malfunctioning.”

  “I’m sure there’s an explanation. But I assure you, the contents are legally registered and the container was inspected by Oleg—excuse me, Officer Konev—and myself just yesterday.”

  “I’m sure you did. But that doesn’t alter the fact that the bolt seal has been changed.”

  “It couldn’t have been changed. I’m in charge of all cargo operations. I would know about it.”

  The inspector smiled thinly. It was just possible this was a test. He had heard of such things at the academy.

  “Yes, you would know about it, wouldn’t you? Still, I must insist we open the container and reinspect.”

  “There is no time for that. We’d have to wait for a forklift—if we can even find one; they’re all busy right now—take the stack apart, and pull out crates of machine parts that would each have to be inspected. It would take hours, and we’re due to begin loading in thirty minutes.”

  “I’m sorry, but the law is quite clear. That, or you leave the container behind.”

  “That wouldn’t be possible, either.” Voroshilov chuckled. “I see you have been well trained. And I respect that. I’m a licensed professional myself, and I take my cargo security seriously. Here, let me show you my credentials.”

  The Russian reached into his coat and pulled out a thick leather billfold and handed it to the inspector. Burutin opened it. On one side of the billfold was Voroshilov’s maritime license, with photo and rank and ratings. On the other side was a thick wad of large-denomination rubles. About a month’s worth of Burutin’s wages.

  “Everything look in order?” Voroshilov smiled broadly.

  The inspector glanced back at the wallet. He was newly married, living in a cramped one-bedroom apartment with his mother-in-law, who slept on the couch. The cash was very tempting, and no doubt more would follow if he cooperated on this occasion. Konev must have worked a sweetheart deal with this man a long time ago. Mafia, maybe? It didn’t matter. It’s not the way his father had raised him.