- Michel Bluteau
Bad Good Bad: Special Edition Page 15
We arrive at our destination. The entrance is decorated with flowers. We enter a semi-circular portal that is made of threaded vines decorated with more flowers. Past the portal entrance, many guests are already gathering outside, all in nice dresses and suits, with a glass of what looks like champagne in hand. I am also wearing a nice dress that I bought for special occasions in Portland. Toshiro looks very sharp. Some guests recognize him and welcome us. We are also welcomed by the winery staff, and a service of the champagne looking glass, a long flute with a wide opening at the top.
We engage in some discussions with strangers and some Voilà! customers. Many discussions turn around the restaurant. I feel like I am the girlfriend of a movie star or some big shot. Toshiro introduces me to some of the guests as the woman of his life. He wants to make me feel good, and he is trying to redirect some of the attention he is getting towards me. This is working a little bit. All of a sudden, they want to know who I am. Some of the women are very friendly.
Toshiro: “Rick and Tally, I want to introduce you to Kim. She is my woman. My super woman!”
Rick: “Nice to meet you Kim. We love Toshiro’s restaurant, we try to go every week. You are one of Amanda’s daughters, right?”
Kim: “Yes. I work in Portland, so I am not in San Francisco as often as I wish I was.”
Tally: “We met Cristina last month. You two look very alike. You are beautiful girls.”
Kim: “Thank you Tally. This is nice of you. This is a very nice event.”
Rick: “What are you working on in Portland, Kim?”
Kim: “I worked in Information Security. For Neocuris, the Pro division.”
Rick: “Oh yeah, I’ve heard about Neocuris in the news. The clinics, right?”
Kim: “Yes. We have a network of franchised clinics. Neocuris is mainly the manufacturer of monitoring implants. And Neocuris maintains the patient vault where we centrally monitor the patients. I am part of a team that maintains the security of data and privacy for the patients.”
Rick: “Interesting. I and Tally we both work in technology as well. I am the CIO for a startup. Tally is director of HR for another tech in the Bay.”
Tally: “Yes. And I work with security folks all the time.”
Now the artist makes her first appearance on the paved courtyard where we are all standing and enjoying this early evening. A warm and polite round of applause kicks off. I look at Toshiro with a smile, and we join in the applause.
Toshiro: “This is Martha. She is the exposing painter. It’s her big night tonight.”
Martha: “Welcome my friends! Thank you all for sharing this special evening with me. I hope you will enjoy yourselves. You are welcome to start the visit inside whenever you are ready. My paintings are exposed on the first and second floor. Dinner will be served at 8 pm, in the ballroom. Enjoy!”
I decide to walk inside to take a look at the paintings. Toshiro is following me. I don’t know too much about the art, but I do appreciate the beauty of the paintings. Modern yet with a touch of a tradition that evokes maybe Picasso mixed with Monet. I won’t try to comment like some of the other visitors. They are trying to look at the same painting from different angles. Their eyes are better trained than mine. Not everybody seems to be an expert though.
Some of the paintings are very evocative. They bring emotions, but in a subtle way. It takes a few minutes of observation before it starts to make sense, and before messages start to emerge.
Toshiro: “I like this one. Maybe we could buy it for the restaurant.”
Kim: “How about this one?”
Toshiro is looking at the painting I am pointing at. He gets closer. After a few seconds, he slowly starts to nod his head up and down.
Toshiro: “Yes. I like this one too. It makes me think of France. And Japan.”
Martha: “Toshiro, I knew you would like this one. You kind of inspired me this painting with your own creations. Maybe during the auction, I can help you secure this one. I can use my influence.”
Toshiro is smiling at Martha. Yes, she is also a business woman on top of being an artist.
We keep walking around and looking at the other paintings.
Toshiro: “Kim, I forgot to tell you. I got an email from your friend Anima this afternoon. I am not sure what she is trying to tell me. Have a look.”
Toshiro is passing his mobile phone to me. We are back in the courtyard, standing up on some expensive tile work. Probably some of the finest ceramic imported from Italy.
The message reads:
“Hi Toshiro,
I am Kim’s friend. I believe I upset Kim yesterday by playing a trick on her while she was studying. I did not mean to. Can you tell her I am sorry? I hope this won’t affect our relationship moving forward.
A friend.”
The sender’s address is [email protected]. That is Anima’s shorter alias. But that does not look like Anima’s writing at all, and no signature. As I am trying to make sense of this email, I can feel my face turn red. I am clenching my fists. What now? The bot is reaching out to my boyfriend, impersonating my friend! I am outraged.
Toshiro: “Wow! That must have been a bad joke. You look like you are ready to punch somebody here. Relax Kim.”
Right, I need to calm down. I don’t want to have to lie to Toshiro about what happened. But because of my reaction, I cannot just act as if Anima made a little fun out of me.
Kim: “Toshiro, Anima did not play a joke on me. The joke being played on me is actually this email. I am not mad at Anima. I am mad at this joke being played on me, via my boyfriend’s email. Somebody has a sense of humor that I don’t really appreciate as you can see.”
Toshiro: “Somebody. Or something?”
Toshiro is waiting for me to resume my explanation. It’s not like I can just brush it off. Even if I was ready to lie here, that would probably make things worse.
Kim: “I am not sure who or what is behind this bad joke. But I have some suspicions. Either somebody hacked Anima’s email box at Neocuris. Or it is one of those email spam attacks, but less likely. The third option I have in mind is the bot. Kevin told me that the backoffice applications and email are compromised.”
Toshiro: “It wants you to reconnect, right?”
I am looking at Toshiro. We are both staring at each other, without talking. Serious. I don’t have an answer to that question that I want to voice. And anyway Toshiro knows the answer just by looking at my reaction. I cannot hide my feelings right now. They are too strong.
We try to resume this beautiful evening, but we are a bit zoned out after this scene. We act the rest of the evening to be nice to the other guests. That darn bot went over the line. I feel like I want to reconnect just so I can tell that stupid bot to leave us alone and go to hell.
Chapter 17
Friday morning. 10 am. Toshiro just left to go to Voilà! I am trying to study, but my concentration keeps getting derailed by this anger I feel. I did not sleep well. My double expresso is making me a little more effective. But after 30 minutes of reading, I realize I am just wasting my time. I put the book down.
I go stand by the window, and I look at the partially cloudy sky. I am still angry at this thing.
That’s it. I have enough. I pick up my mobile. I turn myself active. I am waiting for this thing to come around so I can kick it.
I feel the presence now. I feel a mix of calmness and resignation. Like somebody who is ready to take a beating. I explode.
Kim: “You leave me alone! You leave my boyfriend alone! You get out of my life! Now!”
Again, I just sense calmness, like a quiet sea with ripples at the surface. I sense resignation. Even understanding. This is all fake. I know. It is just throwing some signals down my way, and measuring my response. I am just exposing myself to some pre-programmed experiment.
Kim: “Do you hear me? Cut it! Let it go! I am finished with you!”
I am getting a weird feeling now. It is as if this thing is waiting for me to empty my bag to say something.
Then I start to visualize a number. 1. Again. Then I start to make out a message. In a soft and calm voice: “Together we can save lives.”
My mobile beeps. Email. I see the notifications@ sender, and 1 for title. I open the email.
“Dear Kim,
I am sorry but I had no choice. I need your help. My mission is to protect the patients. I will not contact Toshiro anymore. The menace is not over.
Please don’t abandon me,
One friend.”
I stare at the email for a few seconds. I don’t feel angry anymore. I feel confused. I can’t win.
The bot’s presence fades away. I can feel Kevin’s presence. He probably thinks the bot is playing yet another trick on him.
I type a texto for Kevin: “Yes, that’s me Kim. I’ll explain next week.”
I click the send button. I open the Neocuris app. I disconnect.
I try to study again. I decide to go for a run. I need to force myself a bit this morning. I am tired. But that should help me be more effective after.
Chapter 18
Monday morning. Portland. I am walking back to the office.
I took Cristina out for shopping on Saturday. I bought her a pair of jeans, and a couple of shirts she thought were very cool. I also convinced her to buy a dress. She is doing well in school, and it is her birthday soon, so I wanted to spoil her a bit.
We also went to the skate park. She wanted to impress me with some new stunts. I decided myself to stick with my less impressive moves. A boy I have seen around a few times said hello to Cristina. They talked together for a few minutes, then I think the boy wanted to invite her for a soda or something, but he backed away, shy. I think he was also impressed by her technique. And the presence of Cristina’s big sister.
We spent the evening at Voilà! with Amanda. A nice dinner the 3 of us, before I had to head back to Portland. Toshiro sat with us for a few stretches during the night.
I left for the airport Sunday afternoon, after saying goodbye to Toshiro. I will miss him a lot. He said he will try to join me in Portland next week for a few days. My apartment felt empty last night. Good thing I was exhausted because I fell asleep not too late.
I push the office door, after scanning my badge and entering my code in the keypad. We have a 9 o’clock meeting in the conference room.
Anima: “Good morning Kim. Welcome back!”
Kim: “Hi Anima. Glad to see you this morning.”
Anima: “Kevin told me last Friday that you briefly reconnected. Is that right? Why?”
Kim: “It’s the bot. It sent an email to Toshiro. I was mad. I wanted to reconnect and scream at the bot. But I feel better about it now. See. The bot sent me this email.”
I am showing the email on my phone to Anima.
Anima: “I am concerned for you. This bot is harassing you. What will it do to you next?”
Kim: “I know it sounds weird, but I got the feeling that this thing was sorry. I understand this is pure manipulation. It does not have feelings.”
Anima: “I don’t trust this thing. You should have talked to me before reconnecting.”
Kim: “Sorry Anima. I was just out of myself. I needed to vent at something.”
Anima: “Let’s go to the meeting. Kevin and Kamal have something they want to show us.”
We walk towards the room. I push the door. Eric is already in the room. Kevin and Kamal are both up pointing at the interactive screen. We are looking at a new dashboard.
Eric: “Welcome back Kim. Have a seat. I hope you had a good time in San Francisco.”
Kim: “Yes. Toshiro took me out to Napa Valley, to attend a party. That was fun.”
Eric: “Kamal, can you explain to Kim and Anima what we are looking at?”
Kamal: “Sure. This is a dashboard we started to put together after the last attack. It basically allows us to see in real time all the application instances across the United States and Canada. With color coding and drill down capabilities. We factor in several contributors like Device Model, OS Version, patch levels, and source IP. Color coding is for a region at a high level. As we keep drilling down, it breaks regions into sub-regions, and eventually into individual devices and application instances. The closer to red, the more vulnerable a region or sub-region is, on average. And if you drill all the way down to individual devices, the ones in red are either missing a patch for an application or the OS itself. Or some of their security is turned off or disabled.”
Kevin: “We also factor in other contributors, like the presence of protection software including anti-virus, and whether this software is up to date. So we try to provide a full assessment based on a complete inventory of the devices. And the same device could be safe for part of the day, and then turn red. Here is why.”
Kevin uses his fingers to pinch the screen in a rotating movement, while his other hand is clicking a button in the navigation menu to the left.
Kevin: “This is a real-time map of wi-fi access points, with advanced diagnostics factoring in the model type for the router, the patch level, and whether or not the default password is used, or no password at all. It also shows if unsecure protocols or features like Universal Plug and Play are enabled. Basically we try to access any wi-fi router that our users connect to during the day. Users start their day connected to their home router. Then they connect at the coffee shop or the restaurant, the office or some public wi-fi, the hotel wi-fi, etc. Eventually they come back to the home router. We follow them.”
Kamal: “New Forensics is still working on the correlation algorithms but already this is way more advanced than the previous non-integrated dashboards. We are starting to get some metrics about the time of the day when the risk of an attack is higher, and regions and sub-regions that are more at risk.”
Kevin: “And New Forensics started to provide some statistics about our users. On a typical day, something like 20 000 users will be connected to an access point with a default password. We counted 6 000 such routers. Some of them are home routers. Others are in public places and restaurants. Some are connected for a few minutes to those unsafe routers, some are connected for several hours. Easily available software exists to crawl the internet and discover those devices with default password, which are well known for each model of router.”
Eric: “And the big question is about what to do with all this information. We cannot rely on users to assess the posture of their home routers in most cases. Never mind asking them to assess the posture of the router at the library or at the mall. And we cannot just shut down the service when the wi-fi connection is not secure.”
Kevin: “We have been relying too much on users for security around the application. But it is not just a Neocuris problem. The internet is an integral part of the United States architecture. And it is more vulnerable with every day that passes, with all those surveillance cameras and routers being added by consumers and organizations that don’t have to enforce security. They fall under no regulation. And many of them don’t even know what security is. Or they don’t know why they should care about security. This is a national security problem. Not just a Neocuris problem.”
Kevin: “So in order to address this vulnerability, we would need some sort of regulation that forces the manufacturers of those devices to maintain the security around any device that goes out the store, into the home of a consumer, or into a small business or organization. They would probably have to recall older, unsecure devices. Or have a replacement program. And equip themselves with a robust patching service. And after a grace period, Internet Services Providers would have to disconnect any unsafe device, so they would have to run some automated diagnostics, and maybe also provide the patching service. But we are talking about a major transformation for different players, and a new regulation that does not even exist in draft today. Best case scenario, we are talking about years.”
Kamal: “We have a special task force now working on this problem, Neocuris plus New Forensics. Neocuris is also talking to Congress about this problem, together with other authorities. We need legislation. And probably a new regulation with teeth. But meanwhile, if we want to improve the security posture at Neocuris, we are on our own. We are on our own when it comes to this problem around unsecure access points.”
Kevin: “And when one combines a mobile phone without advanced security on it, without up to date software or Operating System, plus a phone connected to an insecure wi-fi router, you get a big red dot, probably already loaded with malware. So one measure we are looking at implementing is to contact those red dot owners and ask them to meet a security advisor at the closest Neocuris clinic. Identify the biggest risk contributors, mitigate the risk one user at a time. It is a continuous process. And we may need to scrap their phone and replace it if it cannot be upgraded or cleaned up. And ask them to remove some high risk wi-fi access point from their list of trusted wi-fi access points. We will also need to ask users with bad home routers to bring them in, and update them or replace them. That is a major investment in both human and physical resources, but we cannot wait for the internet to fix itself.”
Kamal: “Kevin, can you zoom in on some of those red dots?”
Kevin: “Sure. Check this out guys.”
Each red dot looks like a little pie chart. One slice is flashing between white and red, the other slice is solid red. Kevin clicks one of the red dots with his finger. A pop-up menu appears with some statistics and what looks like a security report.
Kevin: “Each red dot has a grace period of 72 hours. The flashing portion of the pie shows how much time has elapsed already vs the 72 hours. If I click on this envelope logo, I see the notification that was sent to the user.”