I hope you like it, and if you like it, please share.
~ ~ ~ ~ ~
“What do you want me to do?”
Zachary’s voice was strained, his arms crossed.
“Keep loving me!” Lucy said, tears welling in her eyes.
Really? Zachary wondered why Lucy went to extremes like this. Why she would fathom that he did not love her, yet after eight years of marriage, this is what she would bring up again and again. As if he would… as if he could stop loving her! This was a normal cycle of an argument for them, and it was one he knew well.
“I never stop loving you, Lucy.” He put his arms around her waist and pulled her to him. He looked into her deep, green eyes and kissed her gently but passionately. “And of course I am on board with this. We do this together. I want a baby, too.”
“What if I can’t?” Lucy stammered, tears welling up in her eyes. “What if I can’t get pregnant? Or if I lose the baby mid-term again! What if…”
“What if you stop worrying about problems we don’t have. How about that?” Zachary countered. “We’ll handle whatever problem comes up. I promise. Let’s not worry about them now.”
Zachary took the white, plastic stick from Lucy’s hand and held it up. A light blue minus sign showed in the little display. “This just means, ‘try again.’ And I do love trying,” he said with a coy smile.
Lucy smiled too, blinking away her tears. “I think we need to try right now.”
They kissed and, hand in hand, moved to the bedroom. Sometimes, their love play was passionate and driven. Sometimes, it was gentle and slow. Zachary was completely enamored with the woman he married and it showed in every way he touched her.
Zachary Foxborne watched CNN later that night. The headline ticker read “Global Messaging Hoax.” They were interviewing a network security analyst from Sentia Solutions, Andre Gomez. He was there to address how this could have occurred.
Andre Gomez was distinguished-looking without being old. He was geeky without being uncool. Zachary had met him once and had worked at Sentia long enough to know that Gomez was just regurgitating what he was told to say. Unfortunately, he didn’t say much.
Apparently, the message sourced from just “5l@x0rH@x0r” with no domain name following it; no ‘@yahoo.com’ or whatever. The Internet, and email in general, just does not work without domain names, he pointed out. The TCP/IP protocol suite can work on just IP addresses without using domain names, but even this was not evident in this case.
Gomez went into some functionary descriptions of how email servers do spam-checking – checking for what he called “spoofed” email addresses and so on. Apparently, not only was all of this bypassed, it was not even recorded on any server or intermediate network device. Not anywhere on the entire Internet; even servers that only function to track email traffic failed to have any record of it.
That Monday, Zachary had a new meeting on his schedule. It was a short presentation and as the meeting concluded, he learned he was to lead a team at Sentia Solutions in finding the source of the hoax email. This was big, but it was also a cool project; tracking down the source of a high-profile virus or malware was about as cool as it gets for someone in his field. He was excited to not only be part of the team, but to be the lead.
Still, short of overloading a few email servers, the message had not been noted to have done any real harm. Yes, it distracted people and therefore cost businesses productivity as people started speculating on the source or philosophical aspects of the message, but no harm had been noted. That was to be his first step in analyzing the message; what underlying, hidden vulnerability did it expose? Did it plant a backdoor on the computers or devices it infected – something the creator might activate at a later date, or was set to activate at a specific date?
Typically, a virus was a program or computer script that claimed to be one thing, but in fact did another. One of the famous ones was Fireworks23.exe, released in the late 1990s.
It claimed to be a program that, when run, would do a pretty display of fireworks on the screen. It did do that – the fake fireworks looked cool for the time – but it also stealthily downloaded and installed another program from the Internet that would allow remote connectivity. The program activated and hacked into the user’s email, sending an email to everyone in the user’s address book, telling them this was, “A very fun program!!!! Check it out!!!!”
The link included in the email installed Fireworks23.exe, which proliferated and spread across the Internet, and the more users executed the program, the more vulnerable machines there were. Of course, the average user didn’t even know they were vulnerable. They didn’t know that their computer (and all of the data and files stored on its drives) could be accessed by someone in China, running the client-side of the software that had been unwittingly run on their machine.
Most people thought computer viruses were there to cause instability and crashes. Over recent years, they had far more nefarious purposes, and it was only due to badly written code that they crashed the systems. At least in most cases, this was true.
Trojan Horse viruses like Fireworks23.exe were so-called because they claimed to be a program of one type, but when run, did something compromising or detrimental, just like the Greek soldiers that hid within the wooden horse that was presented as a gift to the city of Troy.
Zachary Foxborne had worked on the team that identified the Allison virus, which struck millions of PCs in 2007. The virus, which hid itself in a .DOC file, exploited a vulnerability in Microsoft Word and Outlook, and would send itself to the first fifty addresses in Outlook’s address book. The subject line of the infected e-mail sent out was: “My Pictures of Username”, where Username was the name to whom the sender’s copy of Microsoft Word was registered.
Much worse was the variant of the virus named ‘Allison B/N’ which would find and destroy Microsoft Excel documents, randomly deleting sets of data from files, or make the files completely useless by applying sets of malicious macro code. To simplify the code, the author had encrypted a vector search pattern in it, so the virus could only delete linear sets of data, usually random rows or columns in a table. It also had a search parameter that made it selectively change unique sets of data, so as to cause more damage.
Still later, a variant of this virus would make backup copies of the destroyed files and then demand a ransom of $100 to be transferred into an offshore account in return for the files.
Zachary had been instrumental in tracing this back to the originator – a programmer in Russia. Due to a malfunction in the code, the code made copies in about one-percent of cases of infection, and did not proliferate as much as earlier variants.
The virus was rendered obsolete by Sentia Solutions when it was discovered that it leaves visible traces in the registry of the Windows Operating System, providing enough data to ensure its safe removal and the retrieval of the data held hostage in a hidden directory on the local hard drive. Zachary programmed the signature and fix for this variant, preventing an estimated 240 million dollars’ worth of lost data.
Still another version of this virus variant would modify the backed-up data, fooling the user even further. It searched for numeric data inside the files, and then, with the help of a random number generator, slightly modified the data, making it useless.
Identifying such threats and providing remediation through updates to the Sentia SAFE anti-virus program, Sentia had become one of the biggest players in the computer security game, their software being used by many governments, including the United States. Sentia Solutions is considered the foremost authority in identifying malicious programming threats.
Sometimes, hundreds were identified each month in “the wild,” meaning that they were actively proliferating on the Internet. This was big business, and Sentia Solutions saved companies hundreds of millions of dollars every quarter.
They also took the brunt of it when a virus did sneak past. Though a well written disclaimer absolved them of any blame, it wasn’t good for business, and Sentia Solutions took this sort of thing very seriously. Antivirus Investigators and Programmers like Zachary were kept very busy, but Zachary was alright with that. He considered it job security, and he liked being one of the good guys.
This threat was something new – not just a variant or your run-of-the-mill virus, stealthy Trojan horse or even a root kit. Everything before this had left traces. It wasn’t easy, but they all had a tell-tale sign that could be used to identify their presence, and once detected, it could be removed.
Zachary was confident that this new virus had a signature too – something he could pick up on. All viruses did, and he and his team would find it and remediate the threat. The hunt and chase, Zachary’s favorite part.
Programmers who put out malicious code were infamous for executing it poorly, and this had been their downfall and even led to arrest, imprisonment, or in Zachary’s case… getting a job working for a company that tracked down said viruses. It also put him on the NSA’s “go to” list, calling on him to assist with an investigation that required his unique capabilities.
When Zachary was seventeen years old and working at a pre-employment screening company, Profiles Unlimited, he took notice of a piece of code that was used to identify the person’s reaction time on each question. He thought this was interesting – determining how long the person contemplated the question factored into the overall score and determining the accuracy. The program also went online and pulled any public information on the candidate, such as marital status, criminal record, credit reports, and current and previous addresses.
He had leveraged this bit of code and put it up as a script on an online website claiming to be a bestiality website called sexwithfurryanimals.com. When someone would connect to the site, expecting they would see some perverse images, they were instead greeted with a page that displayed their personal information: their current IP address, a home address, spouse’s name, and sometimes an employer’s address and phone number. It then threatened to contact the spouses, employers and local newspapers with the information about their interesting browsing habits, unless they donated $50 to the Humane Society under the gifting name of Chancy McChancy.
Zachary got the idea to do it after reading an article about a man who was convicted of animal abuse. This man set off firecrackers in the butts of cats. He had twelve accounts of the offense and many of the animals died painful deaths. His fine was a mere $100 and a slap on the wrist. People like that should have more severe punishment, Zachary thought.
The Humane Society received twenty-two thousand dollars donated from Chancy McChancy before Zachary Foxborne was forced to take the web site down. It was a mostly benign form of phishing – one that benefitted a charity, but it was still exploitation and therefore, illegal – a federal offense in the United States.
Because of his age and the fact that the judge thought his ploy was amusing, charges would be dropped if he would accept one hundred hours of community service, assisting in the role as intern for Sentia Solutions, and on call to the NSA as required. After his hundred hours of service, Zachary was offered a full time position and almost three times the salary he made at Profiles Unlimited. Profiles Unlimited fired him after the whole thing became public and even sued him for damages, but they didn’t win. After all, he was the sort of person Profiles Unlimited were supposed to be helping employers avoid, and they had hired him. They didn’t need that kind of press.
The McChancy Phishing Scheme as it came to be called, had gained him credibility in the hacker underground and anti-virus community. It wasn’t particularly brilliant or innovative, but the way he had executed it was. It exploited those who had predatory and perverse fetishes, and it benefited a charity that was exactly counter to that behavior.
Now, he would be leading the team that was investigating the H@x0r’s Hoax. This was the name they used for the “Beat This” messaging ruse.
Key goals of the investigation were:
1. Understand how the message was originated and sent.
2. Understand how it failed to be recorded on any server.
3. Develop a means to prevent such an exploit from being used again.
4. Identify the author who wrote it and identify the person who executed it, if they were not the same person.
5. Keep Andre Gomez apprised of the progress so that he can handle the public-facing side of the investigation.
Estiban Foulk had thought Zachary was a good choice for leading this project. Just like Zachary’s McChancy Phishing Scheme, this hoax was relatively low-threat. This hoax didn’t damage data or open any back-doors to allow remote access. In fact, it didn’t really seem malicious at all. It was probably authored by some high school kid, maybe a college kid.
Kids these days were brilliant when it came to computers and coding, and they often failed to recognize the full consequences of their actions or the tell-tale signatures they leave behind. The internet presented a false sense of security to people who think they are anonymous, just because they were sitting in their own homes, surfing the web.
It couldn’t be farther from the truth. There were certainly means to help disguise an individual’s online presence, if they knew how to use them. Proxy servers on the Internet could be connected to, and then everything the user did seemed to originate from the source of the proxy server, rather than the individual’s unique IP address. Still, proxy servers had records that were recorded, and these could be subpoenaed and reviewed.
The biggest obstacle was obtaining the server’s records, as many proxy servers were set up in parts of the former Soviet Union, the Philippines or China. These places had ‘real problems’ to deal with and didn’t see any value in cooperating with US agencies to track down the source of some malicious activity on the Internet.
Tracking down and nullifying threats despite these obstacles was how Sentia Solutions made a name for themselves as the biggest and most renowned security specialists in the field of computer technology. Neither Foulk, Zachary nor anyone at Sentia Solutions fully understood the gravity of the hoax that was being investigated. Not yet.
~ ~ ~ ~ ~
Thanks for reading this excerpt. If you enjoyed it, please share with your friends and check out the full novel on Amazon.