CloudShield is an internet defense company famous for stopping distributed denial of service attacks (DDOS), Nigel typed on his group text to Natasha, Jet, and John.
Looks like their defenses went offline an hour ago, and infrastructure on the East Coast is being disrupted, Jet said. Nige, do you have your computer back up?
My mom’s coming back any moment with the replacement power supply. Worst case: I will grab Ralphie’s computer, Nigel replied.
No worries, I have your back!
Based on the internet map I have my on tablet, the internet backbone is being targeted.
That will disrupt all downstream traffic. We will be cut off from the net once all of the pipes have been saturated. Jet texted.
That’s not all—other systems such as cell phones will fail, too, Nigel texted.
Let’s make sure that doesn’t happen!
Jet typed in a series of commands.
That is interesting! Jet wrote.
What is? Nigel asked.
The bot activity is all coming from MORP exit nodes.
The bots must be getting instructions from servers on the surface web and the Dark Web.
Probably different instructions, judging from the network traffic patterns I’m seeing here.
Check your routing tables! Nigel texted.
Jet typed in a series of commands to list the network routes that were cached on her laptop.
It doesn’t make any sense! She wrote. Looks like the border gateway router from our ISP has been reprogrammed to send network packets upstream.
Nigel slammed his phone into his forehead in frustration. What is happening? He thought.
He checked the network flow map on his cell phone again. Why did my power adapter have to die at a time like this?
I got it! he texted.
Got what?
Jet held off asking more questions, as she could see the three dots that indicated that Nigel was typing in his reply—a long one, from the looks of it.
An attack on the Eastward International Airport (EIA) is imminent! Nigel wrote.
How can you tell? Jet asked.
Look at the network flow patterns. There is a ton of packets moving in the direction of the airport. Normal usage patterns don’t look like this.
This narrative has been unlawfully taken from Royal Road. If you see it on Amazon, please report it.
Jet opened a window that displayed her local ISP’s network flow traffic. Normally this information was private, but Jet had a way to access them.
Confirmed. Before the flow changed, there was a number of network packets with little data, which is a classic sign of a command and control (C2) server instruction, Jet wrote. We have to warn them.
Agreed. Try to divert the packets while I contact the others, Nigel replied.
Nigel started a new group text with Natasha, Cassidy, Milo, and John Appleton.
EIA is the target. Your network taps will be useless because of current routing patterns. Nigel texted.
The plan to add physical taps to the local ISP network failed. Network activity was routed away from it.
Traffic is bad here—traffic lights are out, and we haven’t been able to move in twenty minutes, Natasha said.
Nigel checked the traffic map on his phone. All roads around Natasha’s location were blocked, and the highways looked much worse. Nigel relayed this.
Nigel tried to text his mother. She had been due home hours ago.
Can you call my mom to see if she is okay? Nigel texted John Appleton.
After several minutes, Nigel received a reply.
I spoke to her briefly, and she said she was almost home, but we got cut off so I don’t know where she is, John wrote.
Nigel thanked him for the update then pulled up the Find Friends App. After a longer time than is typical, Nigel was able to see the location of his mother’s cell phone. It appeared to be off the main highway by several yards. Probably a glitch. Signal has been spotty, Nigel thought.
Nige, did you see that? At least a few thousand more bots are headed toward EIA, Jet texted.
There must be an attacker leveraging a zero-day exploit. If you look at the patterns, many of these bots appear to be in the Milford area, Nigel replied.
Let me triangulate.
There was only so much Nigel could do on his phone. His tablet had a terminal program, and with it he could access his lab workstation at Milford High School and have a chance at retrieving better data samples. Nigel grabbed it and brought up the terminal program on his tablet, attaching the keyboard after doing so. With this, he would have a better chance of actually doing something useful. With the help of a reverse shell exploit, Nigel was able to SSH into one of the lab workstations. He downloaded a packet capture, sniffing, and analysis tool called NetMine. He connected to one of the ISP’s VPN tunnels that he’d set up earlier to the packet sniffer tool. After a few minutes, he stopped the sniffer tool and turned on the analysis mode. He followed the packets until he could see the patterns. There were a lot of requester packets with little data being transferred. Classic signs of a remote C2 infrastructure, Nigel thought.
It appears that the attacker is using a C2 server in the Milford area, he texted.
Can you figure out the address or approximate the location? Jet texted.
I will try.
Nigel followed the C2 packets to a couple of relays in the area. There were three relays in total, with two being used as conduits for the server with the most power. He tried diverting the packets to a black hole, to no avail. After additional analysis, he was able to determine the public IP address of the most powerful server affected.
He launched his exploit program, but he needed to see if he could get in. The Netsploit hacking tool prompted him to download the latest exploit modules. Nigel installed them without even thinking about it. MORP exploits. Interesting. He was connected to the affected machine, and it was easier to get into than he was expecting. Within seconds, he was at the console, and then he froze. He recognized the command line interface because he remembered customizing it. It was Jake’s Dark Glider machine.
I found the location of the machine, Nigel texted.
Is it close? Jet replied.
A little too close for comfort. It’s at Jake’s house!
What! How is that possible?
Well, I sort of set him up with a Dark Glider leveling machine, Nigel texted.
You did what?
Nigel cringed. Not my finest hour, he thought.
Didn’t you set up a VPN for him? Jet asked.
I did, but he must have rebooted it and forgotten to start it.
Nigel then forwarded the text conversation details to Natasha. Natasha texted something very unladylike before adding, I will handle him!
We now have reinforcements being sent to Jake’s house, Nigel texted.
Good, I hope she scares the hell out of that jackass, Nigel thought.
I think she will do more than that, Jet said as she let out a chuckle.