Not long after I learn that there’s a former NSA guy at the helm of CBS information security, he sends a company-wide memo that seems to refer to my situation without mentioning me. The memo on June 7, 2013, explains what should be done if someone suspects a security breach of their CBS computers. Once the incident is reported, says the memo, there will be a response team that will take steps to resolve the issue.
Since the memo is clear that the victim has a duty to report, and since Molinoff has never acknowledged my incident nor has he con- tacted me, I send him an email asking whether he’s briefed up on my computer intrusions. I offer to answer any questions he may have. He doesn’t reply. A week later, I follow up. This time, I get a perfunctory response from Molinoff saying that he and his team are aware of the situation and take any breach “very, very seriously.” He asks no ques- tions and to this day no CBS security officials have attempted to ask me the details of what happened.
| SPY CLASS 101
As the story of the government’s overreach expands and word gets around about the investigation into my computers, sources step forward to privately offer me moral support, information, and assistance. They fill my head with stories about the government’s secret capabilities and how they could be misused by those with malicious motives.
For example, one of them tells me about a covert skill the U.S. government is actively perfecting: the ability to remotely control ve- hicles. There are several ways to do it. The former U.S. national coordinator for security, infrastructure protection, and counterterrorism Richard Clarke discussed the technology in a June 2013 interview with the Huffington Post. He said that intelligence agencies know how to remotely seize control of a car through a “car cyber attack.”
“It’s relatively easy to hack your way into the control system of a car, and to do such things as cause acceleration when the driver doesn’t want acceleration, to throw on the brakes when the driver doesn’t want the brakes on, to launch an air bag,” Clarke tells the online blog. “You can do some really highly destructive things now, through hacking a car, and it’s not that hard.”
In this particular interview, Clarke is responding to questions about the fatal single-car crash of reporter Michael Hastings as he was said to be researching a story related to the scandal that forced the resignation of CIA director Petraeus in 2012. Shortly before Hastings’s death, he reportedly said he thought the FBI was investigating him, which the FBI denied. Officials who investigated the car crash say no foul play was suspected and Clarke doesn’t dispute that. But Clarke says, hypothetically, “If there were a cyber attack on the car—and I’m not saying there was—I think whoever did it would probably get away with it.”
Clarke’s assessment of the available technology is based in part on a 2011 report by university computer scientists. It states that computer hackers can gain remote unauthorized access to vehicles much like a computer, controlling the engine and other basic functions. Apparently, the car hacking can be accomplished using cellular connections and Bluetooth wireless technology. Hackers can take control, track, and even listen in without having any direct physical access to the vehicle, according to one of the lead researchers, Stefan Savage of the University of California, San Diego.
My source tells me something about a related technology he says the government is developing. Covert operators can substitute the stock electronic control units in vehicles for special replacements: one to con- trol the car’s transmission and another that controls the engine. A re- mote controller can then slow, stop, or speed up the car and make it im- possible for the driver to do much about it. The government developers, working in secret with black budgets that don’t appear on any ledger, are having a little trouble keeping the demo units from overheating. They’re expediting the troubleshooting and sparing no expense. Money is no object. There’s an endless source of tax dollars for this project.
The source shows up at my house one wintry evening and wants to check out my car for anything suspicious. He says that I’ve upset so many people at high levels that anything is possible, even the idea that somebody has tampered with my vehicle. I appreciate the thought but tell him it’s unnecessary. He insists and my husband says to go ahead and let him look. It concerns me that somebody with links to covert agencies actually thinks that a government operative might be capable of sabotaging my car. The source and my husband spend forty-five minutes shivering in the garage, flashlight in hand, rooting around under the hood and in the front seat of my car, and find nothing.
As a matter of protecting my own interests, I’ve begun working with a small group of people who aren’t connected to CBS. This includes an attorney, another independent computer forensics expert, and several sources.
In July of 2013, I’m preparing to leave the country on vacation. It’ll feel good to get away from everything. But before I go, an acquaintance contacts an intermediary and asks me to call. It’s been more than a year since we last spoke.
To be continued…
[hr]Read excerpt #1 here: The Computer Intrusions: Up at Night
#12: Obama’s War on Leaks
#16: URGENT dispatch
#23: The CBS Connection