Day Minus 200 | Stealing the Network. How to Own a Continent

My days follow a very set procedure. If I ever have to leave the compound for supplies , I immediately check the tape to see if there have been any visitors . This is the only reason I have a television. I spend several hours per day researching . Any information collected that has to be retained is written to an encrypted store that will be moved to the cage on CD-R. Before shutdown, the unsecured systems have their temp files purged, work encrypted disk overwritten, and the slack space wiped. Then they are logged out and shut down. Every other day, another CD-R (or more than one, depending on traffic load) is burned from the packet logger.

The packet log review is a critical safety step. It lets me know if one of my unsecured computers has been compromised. They are compromised, occasionally. A compromise is defined as unauthorized network communications, information leaving my computer. It is extremely easy to pick up spyware just from visiting websites . Some of them are bold enough to use unpatched exploits to install the programs, even though they are very easy to trace back to their source. Some spyware is very obvious; when you visit Google, and you see pop up ads matching the phrase you just searched for, you are infected with spyware.

Most people just live with the spyware for months until they get sick enough of it to find someone who knows how to deal with it, usually with a scanner program such as AdAware. As a matter of convenience, I use such programs myself . But I cannot assume that they are sufficient. The proof that I am clean is in the network traffic.

Spyware programs are not some harmless threat to me. I go to a lot of trouble to spread the originating IP for my Internet usage around. A Spyware program can track my web browser usage from its true origin. They report URLs and search terms back to a central point. I keep track of what information of mine is gathered by each central point. If there comes a time when they have accidentally gathered too much, they will have to be dealt with.

When entering the cage, the CDs are held in my left hand, and I immediately proceed to the keypad and punch in the disarm code in the dark. The CDs are set down, and the light is turned on. There is a small supply of light bulbs in case the bulb blows. The door is then closed and latched from the inside. The alarm is then rearmed to level one. This takes approximately 12 seconds. If the bulb blows, it takes about 25 seconds. I then spend about 2 minutes applying the magnetic strips to the door frame on the inside. Due to boot time and built-in delays, it takes about 5 minutes to boot the computer up to being usable. Any CDs brought into the cage are copied to the encrypted store, and the CDs are removed.

Once removed, the CDs are shredded . More accurately, it s a specialized sander. The device grinds the CDs in a circle, sounding like an old can opener , and completely sands off the top reflectively layer to dust. The dust is kept in the shredder bin, while the disc, now a circle of completely scuffed and transparent plastic, is placed in a disposal bin. Material may leave the cage for one of two reasons: either it is consumables for disposal or it contains information that must be declassified for use on the unsecured PCs.

Any information that I have stored or synthesized in the cage must go through a review process before I export it. I m looking for covert channels, executable code, watermarking, and what can be determined if the information is intercepted. The information is then encrypted to a key whose mate lives on the unsecured PCs, and whose passphrase lives only in my head.

If information is removed, the unsecured PC is booted , and the information is copied to the encrypted store and left as-is for the moment. The PC is then shut down.

Any materials leaving the cage, including CDs, are taken to the garage where the furnace and crucible are kept. The materials are heated until they become gas, ash, or liquid. Scrap iron is added for filler and any liquid is poured into a mold.

When inside the cage, I correlate gathered information. If I have chosen a target, I gather all the information for that target into a usable format. If I ve decided on a candidate, I gather all the information about them into one spot.

At this point in time, I have decided on my targets and what needs to happen so that each one will fall. My candidates are the people with special skills who will be helping me, or people who will be taking blame, or both.

Once you have mastery over yourself, you can gain mastery over others. Every person can be persuaded; you simply have to know what will motivate them. They must believe without question that what you say will happen, will happen. If money motivates them, then they must believe they will be paid. In some cases, the simplest way to guarantee that is to just pay them. If someone must have their life threatened in order to gain their cooperation, then they must genuinely believe they will die. There are also simple and effective ways to make them believe that.

A certain amount of detachment and caution is warranted when dealing with these people. In many cases, I employ a mouthpiece to actually talk to people on the phone. To use the telephone network directly puts myself at an identifiable location at a particular time. If you re dealing with someone who takes over telephone switches for a living, this is not wise.

If someone cannot communicate with you directly, they cannot probe you, they cannot detect emotions in your voice. They cannot try to surprise you or social engineer you. You can t ask an actor what the writer was thinking. The actor only has his lines from the script. At other times, information cannot be trusted to a third party. Your life is worth far less than you might think to someone else. If some people I deal with got a whiff of as little as $100,000 and they thought that threatening me would get them that much, my plans would be damaged.