25 - Who's hacking who?

London – 8:15 am Wednesday

Welcome to my online cyber thriller, The Phisherman. To learn more about the story and meet the three main characters, click HERE. If you'd prefer to start at Chapter 1, click HERE. To select another chapter, click HERE.

Photo by Evan Dennis on Unsplash

When Alison saw Nick standing in her doorway with his engaging smile, her heart melted. Yet, it was only for a moment. Despite all they’d been through, she wondered what secrets he was hiding from her.

Can I trust him, or is his macho BS dragging me into something that could cost me everything I’ve fought to achieve?

Steeling herself, Alison called him in.

“Before you sit down, Nick, can you give me your laptop?” she demanded.

Nick stopped and stared at her, his face conveying uncertainty. Then, he cautiously lowered his laptop carry case over his arm and handed it to her.

As Alison grabbed it, Nick asked, “So what are you thinking here? After all, that is official CIA equipment. Not that I don’t trust you, Ali – I do. But before you do anything with Agency materials, I need to know what this is about.”

She noticed the contrite tone which accompanied his request, something incredibly unlike Nick. Alison was sure he was trying to soften her up. Instead, it made her more suspicious.

“Nick, your hacker knew we were on our way to his hideout. He doesn’t know I’m on the case. So, he’s tracking you. Maybe all your agents have been compromised – I don’t know. What I do know is that he knows where you are.”

She forcefully suggested, “Sit down, Nick. This could take a while. And we must know how he’s tracing you before making any physical moves. With any luck, I might be able to reverse it so we can track him.”

Alison felt Nick’s uncertainty at losing control as she connected his laptop to her computer and started her custom scanning application. His physical and tactical skills were useless. She sensed he was frustrated by his powerlessness. Yet she suspected the situation was something he had brought on himself.

That was confirmed when he stammered words in the closest thing to embarrassment Alison had heard from his lips.

“Ali, I feel so ashamed. This is all my fault. You see ...”

He paused and looked down before admitting, “I was the one who was hacked.”

Alison was not surprised.

Like many everyday computer users, Nick thinks a hacker couldn’t phish him because he’s too smart to fall for anything like that.

Photo by JJ Ying on Unsplash

Before Alison could respond to Nick’s sheepish admission, her scanner app beeped. Nick’s laptop was transmitting an encrypted message through port 587.¹ She couldn’t believe her luck.

Whatever Alan Jones set up is happening as my software’s running.

Nick demanded, “What does that mean, Ali?”

Alison held a hand up as she focused on her screen contents.

“Shoosh, Nick.”

It didn’t take long to discover the task Alan Jones had created to email Nick’s location daily to a private mail server. What scared Alison was when she saw the scheduled event had been created the previous evening at 6:30 while Nick was in his hotel room.

Worst of all, it was generated over the WiFi connection.

The bastard was in or near Nick’s hotel when he did it.

Not only was it brazen. It showed Alison that her prey was super-confident in his ability.

As swiftly as she could and ignoring Nick’s frequent requests to know “what the hell is going on,” Alison created a script to intermittently send stealth packets² to explore the private email server Alan Jones was using. Each packet would appear to originate from a new IP address in China or Russia. Alison hoped her attempts would be slow, random and stealthy enough not to trigger any alerts the hacker would undoubtedly have in place to detect such forays.

And if he does pick it up, everyone in the IT security sector knows the Chinese and Russian governments invest enormous state-based resources in such illegal actions.

Of course, Alison would never admit that her government and their allies did the same.

Unfortunately, Alan Jones’s task only sent plain text via the email port, even though his email protocol was encrypted. As pure text files have no formatting code, she could not infect the emails from Nick’s computer with a surprise of her own. All Alison could do was allow the emails to continue so the hacker would remain oblivious to her discovering his ploy.

Hopefully, my script will eventually find a way inside the email server. Then I can hurt you, you cocky bastard.

Once the script was running, Alison continued investigating Nick’s laptop. If the hacker lived up to expectations, he would have at least one other method to access Nick’s laptop.

After a quick check of the active services on the computer and finding nothing out of the ordinary, she homed in on the ones permitting remote access. It didn’t take long to discover Mister Jones had authorised a login using the Agency’s secret remote connection.

The dirty rat is using the Agency’s hidden insurance policy to track one of their agents. It would be funny if the stakes weren’t so high.

Checking the logs revealed no more information. Alison hoped she had discovered the only two methods Alan Jones had configured to track Nick’s progress. She set a system alert to notify her when someone remoted into Nick’s laptop and then sat back.

“Okay, Nick. Sit down, and I’ll tell you what I’ve found so far.”

Nick stopped his relentless agitated pacing and sat down as his eyes fixed on Alison’s.

“So, your hacker created a task on your laptop’s scheduler last night. It sends him an email at random times each day revealing your computer’s current location. What I find truly disturbing is that he hacked you via your hotel’s WiFi.”

Nick stared blankly at her. She could see what that meant hadn’t registered with him.

“That means he was in your hotel last night or close enough to connect to its WiFi, Nick.”

“Son of a bitch,” Nick yelled as he jumped to his feet.

Photo by Mikael Seegen on Unsplash

Alison ignored the angry words Nick vented.

After a few minutes, he stopped ranting and resumed his seat.

“Sorry, Ali. I didn’t mean to disrespect you. And I’m so grateful to have you working with me. I just can’t believe he was that close.”

“That’s okay, Nick. And for what it’s worth, I’ve heard worse. However, I accept your apology. And I understand why you’re so upset. I am too. It means our hacker is nothing like I expected. Although he’s old school, he’s translated his confidence in the digital universe into the real world around him. And that makes him dangerous on a whole other level.”

“What? You think this hacker could be violent in person?”

“Yes, Nick. That’s precisely what I’m saying.”

Nick paused before adding, “Well, I hope the son of a bitch tries to hurt me. That’s all I’ll need. If I see him just once in person, that will be enough. I don’t care how confident the digital dick is. In fact, I hope he gains confidence after last night. I can’t wait to meet the little asswipe face to face ‘cause then it’ll be on my terms. And no matter who Alan Jones is or what he does, in my world, no one escapes once they’re in my sights.”

Alison sighed.

Why do men like Nick always have to turn everything into a contest of ego?

After a brief pause, Nick asked, “So what will you do now, Ali? Can you trace him?”

“Okay, Nick. So, I’ve got two plans of attack.”

“First, I’m running a stealth scan on the mail server he’s set up to receive the emails reporting your computer’s location. If I can break into that, I can likely see where he’s collecting the emails from. Does that make sense?”

Nick nodded as he replied, “A hundred per cent, Ali. However, you said there were two ways you might be able to track him. What’s the other one?”

“I’ll need time to set it up, Nick. It’s called a honeypot.³ Do you know what that is?”

“Not a clue.”

“Well, as the name suggests, I’ll create something irresistible to lure our unsuspecting prey. As Mister Jones can use your Agency remote access …”

“He WHAT?”

“Sorry, Nick. I haven’t told you yet. Alan Jones did two things after he hacked your laptop last night. The first was setting up the email task that reports your laptop’s location. The second was creating a hidden remote access login.”

“Son of a bitch,” Nick screamed again.

Yet again, Alison waited. Thankfully, he composed himself in a minute and sat down.

“So, how do we stop him, Ali?”

“We’re not.”

Thanks for reading my online serial. I hope you enjoyed this chapter enough to click the heart-shaped LIKE button below. And if you have any suggestions to help make it better or you simply want to encourage me as a storyteller (either would be appreciated), please leave a comment.

1

Port 587 is the standard channel (like a window or doorway) that a device uses for sending emails. Different ports are used for receiving emails. These ports are defined in your email apps and managed by your computer’s firewall to control which online devices can communicate with your device via email. That’s all you need to know, really. You can search for more info online. However, as soon as you mention a port number, writers assume you are technically skilled and write accordingly.

2

As discussed in 21 - Desperado, a stealth scan detects devices on a network without allowing itself to be discovered by those devices. In other words, the scanner can see what devices exist on a network, but the network doesn’t know they’re there (though this scan won’t work on a secured network or computer). For technical information, refer to nmap synscan

3

What I’ve written in the story should explain the basic idea of a honeypot. If you want to know more in everyday language, check out what-is-a-honeypot [kaspersky]