Thursday, 26 September 2013

Digital Intrusion (Night's Black Agents)

There are all kinds of techno toys on offer in Night's Black Agents, but - as the NSA has done its best to remind us - communications, electronic or otherwise, are very vulnerable to attack. This can have severe consequences for the Agents, but can also be used by them to good effect. What possibilities are there?

To begin with, telephonic communication is extremely vulnerable. There are several sophisticated gadgets that have been built for the sole purpose of intercepting and tracking phones and their data, but I'm only going to talk about a couple: the Kingfish, and Gossamer.

Kingfish is a small device, easily hidden in a suitcase, that can be operated wirelessly with a Bluetooth-enabled PC. According to Ars Technica, Kingfish "does not appear to enable interception of communications; instead, it can covertly gather unique identity codes and show connections between phones and numbers being dialed." It's the perfect device for keeping tabs on those pesky Agents; one call, and you're caught, and each call you make extends the net, until the user knows exactly who you've been talking to, and when. While it does not appear to be able to intercept communications, there are upgrades which may enable that functionality, as well as other upgrades that extend its range and allow it to home in on a selected telephone number. The chief attraction, from the Keeper's perspective, is its relative inexpensiveness compared to similar devices on the market. A price tag of $25,349 puts it well within range of a civilian, or criminal, group.

Gossamer is slightly less expensive, at $19,696. "It sends out a covert signal that tricks phones into handing over their unique codes," says Ars Technica, allowing it to identify users and home in on particular devices of interest. It's also smaller than Kingfish, being about the size of a clunky walkie-talkie. But the real sting in Gossamer's tail is its denial of service attack; it can overwhelm a target, preventing it from receiving or making calls. Ever wondered how you can stop the Agents from making that vital phone call? Wonder no more.

In game, the Keeper should use devices like these as Electronic Surveillance or Digital Intrusion tools. In the event of a Contest, possession could reduce Difficulty, if the Keeper's feeling generous. Obtaining one should be very difficult; the devices mentioned here are at the cheap end of the spectrum, but more sophisticated systems can run into the hundreds of thousands. 

Of course, there are other ways of getting hold of data. Hacking's been popular ever since WarGames, but what if you lack the skills to do it yourself? Hire someone, of course, and there are plenty of someones out there. Kaspersky Lab has been tracking groups like these for some time. Icefog's a tight-knit group that's been attacking government institutions, military contractors, maritime and ship-building groups, telecom operators, satellite operators, industrial and high technology companies and mass media, mainly in Japan and South Korea, since at least 2011. Shanghai-based Comment Crew have been going after US and Canadian targets since 2006. Hidden Lynx, another Chinese crew, has been active since 2009, and has hit targets in 15 regions across the globe. "Given the breadth and number of targets and regions involved, we infer that [Hidden Lynx] is most likely a professional hacker-for-hire operation that is contracted by clients to provide information," Symantec researchers claim. "They steal on demand, whatever their clients are interested in, hence the wide variety and range of targets."

But should you choose to hire mercenaries, there's always a risk you'll get burned. Does a bought hacker stay loyal? Are your own machines free of the organization's malware? If they're willing to sell anyone's data, then they certainly have their hooks in yours; after all, you never know when it will be strategically useful to sell on a former employer's information.

In game, the most likely employer for organizations like these is the Conspiracy, but it's up to the Keeper whether they've been subverted or not. A subverted group is likely to be small - Icefog numbers perhaps 10 in all, but Hidden Lynx has 100 - mainly because it's difficult to keep large groups of highly independent people, like hackers, quiet, without using force or significant economic resources. This is particularly the case with groups like Hidden Lynx and the Comment Crew, which may - or may not - have Chinese government connections.

And then, as this somewhat mournful NBC news blog points out, there are all the usual ways of tracking a person. Cameras read your license plate. Other security cameras dot your path in every major city, tracking your movements on foot. Social media users, and computer users in general, are always being monitored by someone, either for marketing or more sinister purposes. Each swipe of a fob to get you in and out of a building is traceable. Just by reading this blog, you're being watched by someone ... and it almost certainly isn't just me.

But what about email? Surely there are services out there that are uncrackable? Would that it were so, but in the wake of the Snowden affair it's become painfully obvious that there's no such thing as a secure email provider. Snowden's provider Lavabit shut down not long after the NSA story broke. It claimed it would rather not have the data than hand it over to the government. After Lavabit came Silent Circle, a company that had, until that point, offered a secure means of communication. Its CEO, Michael Janke, said he saw "the writing on the wall," and destroyed Silent Circle's servers. The problem was the data: by keeping it on the servers, it was constantly vulnerable to seizure. "It is always better to be safe than sorry," said Janke, "and with your safety we decided that the worst decision is always no decision." Silent Circle also pointed out that, even if the information within the email could somehow be kept secure, the metadata - who sent it, when, and to whom - is always vulnerable. The email protocols demand it, because without it nobody would ever be able to send a message. "Email as we know it with SMTP, POP3, and IMAP cannot be secure," said Janke.

I hope this gave the Keepers out there some useful information! Just remember, in the internet age, someone's always watching ... and you'll never know who. Until it's too late.

1 comment:

  1. An excellent article, and dutifully shared with my Night's Black Agents group.