In the Lair of the Cozy Bear:
Cyberwarfare with APT 29 Up Close and Personal — A Novel
A novel about the Russian cyberspies who hacked the DNC, The White House, The Department of State, The Pentagon, and more, and the Dutch cyberspies who watched them. Original title: In het hol van de Cozy Bear by F.W.A. van Nispen tot Pannerden Translated from the Dutch by T.H.E. Hill.
|
Translated by T.H.E. Hill, the author of The Ninth FloorI was in the Friday Division Team meeting, pretending not to be bored by all the team chiefs saying “Nothing to report.” It had been a slow week. It was just about my turn when the division secretary stuck her head in the door and pointed to me. This was against the Division Chief’s very strict instructions. Nothing was ever to disturb him while he was holding a Division Team meeting. He glared at her with his best ‘if looks could kill’ scowl, but she didn’t go away. That meant it must be something very important, like the building was on fire, or there was another revolution in Russia, or the Division Chief’s wife was on the phone. “What is it? Damn it!” growled the Division Chief. “Mr. Holbrook is wanted on the ninth floor,” said the secretary with all the awe that a summons to the ninth floor was due. I had never known anyone who was summoned to the ninth floor, and I doubted that the Division Chief had either. In fact, I don’t think I knew anyone who had ever been on the ninth floor. “They said ‘right now’,” continued the secretary. The Division Chief turned his scowl from the secretary to me. “What the hell have you been up to now?” “Beats me,” I replied. “Unless it was that little contretemps on Wednesday, but I didn’t think that would get the ninth floor involved.” “What contretemps?” asked the Division Chief. |
I made the most elegant hasty exit from the conference room that I could manage, by climbing up onto the table and walking across it to the side of the room where the door was. Charlie got up so I could climb down using his chair for a ladder. In my younger days, I’d have just jumped over Charlie, but discretion is the better part of valor, and Charlie knew it. We’d worked together off and on for more years than either of us cared to remember.
I headed for the elevator in the main tower that went all the way to the ninth floor where Daddy DIRNSA hangs his hat. On the way up in the elevator my whole working life flashed before my eyes. I considered all the things I’d done that had pissed people off. Well, some people need pissing off, because they are more concerned about office politics, political correctness, and empire building than about the collection of Intelligence that meets National Requirements. It was a fast elevator. It didn’t stop anyplace else but the ninth floor. I was just getting to that little contretemps on Wednesday when the door opened.
The prim-and-proper secretary looked at the dirty sweater I’d had on for the last week, and then took in my matching wrinkled khaki pants. Her face gave the impression that she didn’t think I belonged there, which I didn’t, but, instead of pressing the button on her desk that called for security, she asked politely, “How can I assist you Mr. …?”
“Holbrook,” I said. “You sent for me.”
“Ah, yes,” she said, as she got up from behind her desk, and walked over to a polished, real-wood door. She knocked once. This caused the door to produce a solid sonorous sound appropriate to these elevated spheres. Without waiting for an answer, she pushed the door open, said, “Mr. Holbrook, sir,” and ushered me into a small, but plush conference room with two people in it. One of them was the Deputy Director. I’d seen his picture on the organizational chart you pass if you come in the ‘Front’ entrance. The other one I’d never seen before.
“Sit down, Mr. Holbrook,” said the Deputy Director, motioning to the only other chair in the room. “This is Mr. Smith. You’re here because we would like to talk to you about a Detached Service Officer (DSO) assignment to a third-party site.”
That was a surprise. I was expecting to be drawn and quartered. I smiled politely, and took a seat in the leather-covered chair.
“Mr. Holbrook,” said Mr. Smith, whose alias was about as obviously fictitious as they come, even in cheap spy novels. “Your record says that you speak both Dutch and Russian.”
His accent gave him away. He sounded exactly like my father-in-law when he tried to speak English.
“Yes, we speak Dutch in the house,” I replied in Dutch, eliciting a bemused smile from Mr. Smith, and a questioning look from the Deputy Director. “My wife is from The Hague,” I continued in Dutch.
“Yes, that’s in your file,” said Mr. Smith, “but it says nothing of how good your Dutch is.”
We bantered in Dutch for about five minutes, while the Deputy Director ignored us with his nose in a file. When Mr. Smith discovered that we both liked the same pancake restaurant in Kijkduin, he felt that he had learned all he needed to know about my ability to speak Dutch.
“And your Russian?” asked Mr. Smith in English. “And, by the way, I don’t speak Russian, so just tell me.” The change of language brought the Deputy Director’s nose out of his file.
“Better than my Dutch,” I replied.
“That is good,” said Mr. Smith.
“He’ll do nicely,” said Mr. Smith to the Deputy Director. “The other candidates were not at all suitable. They all spoke Dutch too poorly, and those expensive suits would be completely out of place where he will have to work.”
The Deputy Director didn’t look too pleased at this news, but he nodded in acknowledgement.
“Mr. Holbrook, this is an official offer of a DSO assignment to a closely held third-party project. Would you like to go? Yes or no.”
“I might,” I answered. “Depends on where it is.”
“I can’t tell you more about the project. It’s very restricted knowledge. You’ll only find out about it, if you accept the assignment.”
“Yes, I understand all that. What I want to know is where I would be going to work this project.”
The Deputy Director looked at Mr. Smith, passing the ball back to him.
“Zoetermeer,” said Mr. Smith.
“RampstadRail Tram lines three and four out of The Hague?”
“I understand that that is possible,” said Mr. Smith, “but I prefer to take my car.”
“Of course,” I said. “In principle, I’m agreeable. But I’ll need to ask my wife. Can I tell you tomorrow?”
“We’d prefer to know today,” said the Deputy Director. “We want you on site at the end of next month. Call your wife and ask her. You can use the phone in the outer office.”
“For a closely held project, I think that would be poor operational security,” I said, hoping to score points for security awareness without overplaying my hand. “Suppose I drive over and ask her face to face. It would take about two hours out and back, depending on the traffic.”
Mr. Smith nodded his agreement.
“Come back here when you’ve spoken to her. I’ll leave instructions for you with the secretary.”
I didn’t say anything about the short fuse on the reporting date to the Deputy Director. I figured this offer would not be repeated, even if I was the one that Mr. Smith liked. Kathy, on the other hand, said plenty.
“How can we possibly be there by the end of next month?” she asked.
“The plane ride is only eight hours,” I said.
She didn’t think it was funny.
“That gives us four weeks to get ready to fly. With a push from as high as the offer came from, I think all the bureaucratic gates will fly open for us.”
I could see from the expression on her face that this wasn’t going to win the argument for the assignment, so I cut to the chase. “This is a once-in-a-lifetime chance, and the price of admission is being ready to fly in four weeks. You want to live thirty minutes away from your parents or not?”
That was a rhetorical question. I already knew the answer, but it had to be asked, out loud and in person. That was part of the mechanism that made this partnership work. You had to have a chance to express your opinion before the decision was made. Approving a decision after the fact never felt as warm-and-fuzzy good as being asked beforehand.
Back at the Fort, I took the express elevator to the ninth floor, where the secretary greeted me with polite efficiency.
“Yes? Or No?” she asked.
“Yes,” I said. “Kathy said to ‘go for the gusto!’.”
“Please read this, and sign where indicated.”
T O P S E C R E T SAVOY
LIM/DIS NOFORN
The Computer Network Attack (CNA)-team of the Dutch Joint SIGINT Cyber Unit (JSCU), a collaboration between the Dutch Algemene Inlichtingen- en Veiligheidsdienst (AIVD, General Intelligence and Security Service) and the Dutch Militaire Inlichtingen- en Veiligheidsdienst (MIVD, Military Intelligence and Security Service) have gained real-time access to a computer network in Moscow at IP 187.33.33.80:8 being used by an Advanced Threat Actor (ATA, e.g. a nation-state).
This particular activity has been designated Advanced Persistent Threat (APT) 29, and has been assigned the covername Cozy Bear.
It is believed to be a Спец-группа Кибер-разведки и Атаки (Special Cyber Intelligence and Attack Group) of the Служба внешней разведки России (SVR, Russian Foreign Intelligence Service).
This source can only be discussed with those explicitly known to be cleared for access. In the event of doubt of someone’s clearance status, the Access Control Officer who maintains the complete, current access list can be reached at tel. 5-3975 (secure).
Signature Date
That explained why it had to be Dutch and Russian. I signed and handed the folder back to her.
“Here’s a white shirt, a tie, and a sports coat,” she said, pulling a pile of clothing from one of her desk’s drawers, and dumping the stuff in my arms. “Go in the conference room and change.”
She didn’t sound like a lady to be trifled with, so I did as she ordered.
When I came out, I could see that she still had doubts about my wardrobe, but that didn’t stop her from shoving a pass to the Executive Dining Room into my left hand. “The Deputy Director expects you at eleven thirty sharp. No classified conversation in the dining room. Don’t slurp your soup, and keep your elbows off the table,” she said, leaving no doubts about what she thought of me.
“I may have a few rough edges,” I said, “but they don’t keep me around for the way I look. I can make the equipment stand up and sing, and report what was in the song in six languages.”
She didn’t look entirely convinced, but she did soften her scowl a little.
Somewhere between the soup (cream of asparagus) and the main course (chicken tetrazzini), the Deputy Director said, “Having looked at your record, I have my doubts about you in this job. You seem to ruffle feathers everywhere you go.”
“I only ruffle the feathers that need to be ruffled,” I said. “Did you read past the complaints, which I’m sure are strategically placed at the front of my file, to the part where they talk about what I’ve accomplished? I don’t have any doubts about me in this job.”
“Neither did Mr. Smith,” replied the Deputy Director. “He said you’d fit right in with his motley crew of cyber-pirates. I just wanted to warn you that my objection to your assignment will be a matter of record.”
“Oh ye of little faith,” I thought to myself.
“I get the picture,” I said out loud. “If things go wrong, I’m on my own.”
He winked.
“By the way. What happened to your dirty sweater?” he asked. “Mr. Smith told me that was one of the things that convinced him to ask for you.”
“Your secretary. She wanted me to look presentable for the Executive Dining Room.”
“Ah, yes. She would,” he replied. “She’s very efficient.”
