Chapter 23. Protecting Against Programmed Threats
It's 4:00 a.m. on Friday, August 13, and Hillary
Nobel's pager is ringing. Nobel, the network
administrator for a major New York City law firm, has gotten used to
having her pager go off two hours before she is supposed to wake up:
her firm has been under attack by computer hackers in China for
several weeks now. The hackers have never gotten in, as near as she
can tell: practically every page has been a false alarm. So Nobel
turns off her pager and goes back to sleep.
Nobel's phone rings a few moments later. When she
picks up the phone, she hears a panicked voice on the other end of
the line. It's her counterpart at the
firm's London office. None of the
firm's desktop computers are working properly when
they are plugged into the network, although they all work fine if the
network connector is pulled and they are run as standalone machines.
Grumbling, Nobel turns on her laptop and tries to log into her
firm's central server. But instead of a nice
friendly login screen asking for her username and password, she
instead sees this message:
Dear Ms. Nobel,
The virus reports and false alarms on your firm's so-called "intrusion detection
system" are the result of a slow, stealthy worm (SSW) that was illegally brought into
your office network on an infected laptop on July 9th. The SSW is software that was
designed by our programmers as a part of our copyrighted game software; your
employee's use of this software is in violation of our copyright. We are now seeking
redress using this self-help approach that is allowable under US copyright law.
Detecting that it had been illegally copied by one of your employees, the SSW
responded by mapping out your firm's network and servers. On July 14th the system
found your backup server and changed the key that is used to encrypt your backups.
Simultaneously, the Cryptographic File System driver for all of your Windows and Unix
servers was enabled, using a key of our specification.
This morning the key for your backup system was erased, as was the key for your
now-encrypted file servers. If you wish to have this key sent to an email account
of your choosing, kindly enter your banking information into the form below and click the
button labeled "I ACCEPT." This will settle our claim against your firm by initiating
a bank transfer for $75,000 USD from your bank account into a drop box under our
control; clicking "I ACCEPT" will simultaniously waive you and your firm's rights to
renegotiate the terms of this settlement.
Nobel reaches for her phone and starts to call the FBI. Then,
thinking somewhat more clearly, she puts down the phone and takes out
her checkbook and the smart card required for transfers over $5,000.
If she works fast enough, she might be able to get the servers
operational before sunrise over Central Park.