Six Days Ago
Brody finished his research and began the hack.
The first step was to call the R&D Director on his mobile phone. Obtaining his private phone number had involved its own convoluted deception. Normally, a search of Companies House would reveal the private contact details, including home address, of all registered company directors, but because this was a pharmaceutical company where directors of such companies had frequently come under personal attack from protestors, new laws had been set up in 2009 to protect their privacy.
In the end, he had phoned the company’s switchboard, pretending to be from a printing company with an urgent order for the R&D Director’s new set of business cards. It had been his second call to the same number, the first, timed just after midday, had been to make sure that his secretary was out for lunch. Brody explained to the operator that he’d just tried to call the secretary but had only reached her voicemail and that he just needed to confirm the details he’d been provided before he authorised the rush print job; the cards apparently needing to be with their owner by the end of the day in time for a charity function he was attending that evening. Brody read out the details he’d already collected from public sources and then a made-up mobile phone number, which the receptionist dutifully pointed out was wrong and helpfully rectified with the correct number from the employee directory available on her computer screen.
Brody took a deep breath and rang the mobile number.
“Hello?” Male, concern in the voice.
Brody put on a serious inflection, lowering the timbre of his voice. “Dr Moorcroft?”
“Yes, who’s this? Is Madeline all right?”
Brody’s research had revealed that Moorcroft was referring to his wife; although quite why there was so much concern Brody had no idea.
“Madeline? No, I’m not calling about your wife, Dr Moorcroft.”
“Who is this?”
Brody thought about how to respond and decided the more vague and mysterious he sounded, the better his chances. “I’m not at liberty to say. You may call me Mr Smith for the sake of expedience.”
“I’m putting this phone down unless you immediately explain yourself, Mr Smith.”
Okay, maybe a little explanation.
“I work for GCHQ in Cheltenham. Does that acronym mean anything to you?”
“Yes, but only from the news. Something to do with government spying. MI5 or MI6.”
“Yes, that’s us. Among other things, we’re the agency responsible for providing intelligence analysis based on electronic communications to the other government departments.”
Brody had lifted that line straight from the Wikipedia entry for GCHQ.
“Okay. But why the hell are you calling me?”
“One of our responsibilities is to protect British economic interests. As part of this remit, we’ve built up a liaison service with many of the larger UK headquartered multinational organisations.”
“Yes?”
“Let me cut to the chase. Does Project Myosotis mean anything to you, Dr Moorcroft?”
“Maybe.” Brody could hear caution. “But how do you know this name? It’s not in the public domain.”
That’s where Moorcroft was wrong. A quick search through LinkedIn and Brody had discovered an HTL employee who had specifically listed the name of the project he was working on as part of his publicly accessible résumé. Brody had no idea what the project was about, but a quick scan of the Internet showed him that it was not mentioned anywhere else, meaning referencing it would add credibility to his act.
“As part of our electronic surveillance program, we’ve been intercepting some traffic relating to Chinese hacker groups. They may be working for large Chinese corporations or could even be state sponsored, it’s hard to tell.”
Brody enjoyed dropping the Chinese threat into play. Over the last few years, they had become the new bad boys of the Internet, surpassing even the Russians. The US Department of Justice had gone as far as charging members of the Chinese military with cyber-espionage, which Brody found ironic, given the documents leaked by Edward Snowden the year before divulged that the USA had been hacking into Chinese computers for years.
He continued. “It seems that they’ve been targeting IP addresses registered to HTL, Dr Moorcroft. We believe they are attempting to infiltrate your company’s security defences and steal your secrets. I’m calling you now to bring this to your attention so that you can defend yourself appropriately. As I said, its not in Britain’s best economic interests for our country’s intellectual property to be stolen by the Chinese.”
“Are you sure HTL is being attacked?”
Only by me, Brody thought flippantly.
“Dr Moorcroft, we uncovered the term Project Myosotis from these intercepts. It seems to mean something to you, so I’d suggest that they’re making some progress.”
“But that’s impossible. Our IT and Security teams assure me that we have implemented the very best cyber defences.”
Brody stayed silent for a few moments, allowing the implications to build. “Even the best defences can still be compromised, Dr Moorcroft.” Brody spoke the truth there. “It may be that the hackers have only gained peripheral access. I’m sure your firewalls and intrusion detection systems would have notified you of any unusual activity.”
“Yes, I’ll check with IT.”
“Good. And you could also . . .” Brody deliberately trailed off.
“What?”
It was crunch time.
“Well, I was going to suggest that you have a penetration test performed, but I’m sure your IT department has those done regularly.”
“Penetration test?”
Moorcroft was on the hook now. Brody went on to explain what a penetration test was and subtly threw doubt on whether his IT department would hire good enough security testers, not really wanting anyone to show them up publicly.
Eventually, Moorcroft asked, “Is there anyone GCHQ recommends, Mr Smith?”
Brody punched the air in triumph.
“Not officially, but . . .” He proceeded to give him three names, numbers and emails, with Brody Taylor at the top of the list. Whichever choice Moorcroft made, all roads led back to Brody.
Moorcroft thanked him.
“You’re welcome. Hopefully, you’ll never hear from me again.”
Brody, savouring the irony of his closing comment, sat back and waited for Moorcroft’s email to arrive, inviting him to carry out a pentest on HTL.
Now, where would he begin?
YOU ARE READING
Social Engineer
Mystery / ThrillerA Wattpad Featured Story! A pharmaceutical company under cyberattack from China. The chemical formula for their Alzheimer's drug at stake. Can elite hacker Brody Taylor fortify their cyber-defences before it's too late? And can hackers ever be trus...
