Summary

Chapter 37: Jan 1987 - Getting into Air Force Systems Command

Jan 4, 1987, Cliff and Martha are happily stitching a quilt, and Cliff’s beeper goes off. He finds that the hacker has broken into the Air Force Systems Command, Space Division computer in El Segundo, California. The hacker tries different logins and finally succeeds with ‘field’ account, where he gets access to a lot of files. He tries to print out a list of files, and that gives him a lot of unnecessary file names that he is not able to stop. When he logs out, he is not able to log back in since he had ignored the ‘reset password’ instruction at the beginning of the first login.

The hacker gets back in after a technician resets the ‘field’ account to its original ‘service’ password. This time, the hacker creates a new privileged account under Col. Abrens. Cliff tries calling several agencies for help, but gets nowhere. Meanwhile, Steve starts tracing the call, but says it will take a few hours to manually trace the wires in Germany. Cliff sees that the computer files are ‘unclassified’ and not ‘sensitive’, so there is no immediate alarm. Still, he realizes that someone could collect a lot of unclassified data from a place like the Air Force, piece it together, and gain insights/secrets.

Chapter 38: Bevatron

Cliff gets to know that the hacker is poking around the computers at Bevatron, a particle accelerator used for curing cancer patients. He realizes that the hacker may not know that he is putting real people in danger. The FBI contact at Alexandria informs Cliff that the Oakland office would not handle this since the monetary amount is small and there are no classified documents stolen. Cliff is frustrated with the lack of cooperation and the German Bundespost not getting the search warrant. Martha asks him to find a way to work around the constraints.

Chapter 39: FBI Out and In

The FBI decides that there is insufficient evidence to continue the investigation. They ask Cliff to handle it through the local police, and he feels like he is back to square one. Cliff calls Teejay at the CIA, and then he calls back to say that the FBI is back on the case. The folks at the University of Bremen tell them that the hacker was costing them hundreds of dollars a day.

Chapter 40: SDINET

Martha wakes Cliff up to prepare their tomato garden. During shower, Martha comes up with an elegant plan. Since the hacker is looking for secrets, give him fake documents. Lots of them. They create documents that look like sensitive information under an account named SDINET. They also create a form for the requester to submit an address to send files to.

Chapter 41: The Bait

Cliff sees that “Operation Showerhead” is ready, but realizes he hasn’t asked for permission. He checks with his boss, Roy Kerth, who approves. He also asks the other agencies. They don’t want to take responsibility, but they don’t object. As expected, the hacker logs in, makes himself a superuser, and accesses the files. He even reads the message telling him to provide a physical address to receive all the documents by mail.

Thoughts

When Cliff says, “The hacker wasn’t just poking around a computer. He was playing with someone’s brain stem”, it really gave me chills. I started imagining millions of bots or AI agents roaming the internet, looking for computers to break into. What if a hospital’s computers get hacked, and a bot accidentally causes medical devices to malfunction? An automated script can’t tell the difference between a simple gaming server and a hospital’s life-support system. To a bot, they’re just IP addresses with vulnerabilities to exploit.

In a world where everything is connected, cybersecurity is a branch of public health; in fact, it is a branch of every domain. AI adoption in development is spreading so fast that it makes one wonder if ‘move fast and break things’ could cost us more now than in the past. There is a lot of optimism that we can move much faster than in the past without breaking things. At the same time, the exploiters can also move fast to find vulnerabilities and vulnerable devices to exploit.