Being a spy, technically a counter-intelligence agent at the moment, is nowhere near as exciting as the entertainment industry makes it out to be.
Yes, I get cool gadgets, I get to quasi-legally break into places and hack their computers. Sometimes I get to break into buildings where enemy special forces strike teams are being tossed around by out of control emerging psychics and rescue them, although strictly that one was off the books.
However, mostly it’s about doing the mundane things really well to maintain your cover and reading big fat dossiers.
The last few days are a case in a point. To save you the real tedium, let me summarise.
I need to get back to Boreas, pdq, to meet the courier. So it’s off to Medwyn, strike a sweet deal for some more brandy, shoot on over to Boreas, no problems.
En route, I consider my options. Welkin, the main settlement, and stamping ground of Detective Rhiannon Jones, is probably not a good place to get recruited. Their strike team has just had an unfortunate encounter with Steffon, and then the heddlu, they’re not going to be recruiting. Prism is the next largest settlement, and almost exactly antipodean to Welkin. If I can find any evidence in the files for Operation Orange Watchtower or the local activity for Honshu recruitment, I could set up a cover there and try my luck. I start sketching out plans for cover identities and what I’ll need to do to set them up. Nothing concrete yet but I know the sorts of profiles I need to create and I can readily find the data about Prism to locate the kinds of places I might need to try and insert myself.
Even with that very cursory look at the public data it suggests that there’s a serious problem in Prism. In fact it’s so big I jot some notes wondering why someone hasn’t noticed it and done something about it. We have seers at the Service who are meant to spot this kind of thing and report it. I’ve seen them in action and it’s scary. That means someone is either preventing the information they need from reaching them, either from Prism, Boreas or internally, in the Service, or blocking their reports from being disseminated internally so people like me can go and act on it. Those last two are really alarming but I need to wait before I start accusing people - 99% of these cases are someone local being bribed to sit on the reports. The other 1% are seriously bad news. But another week won’t bring down the clan. Crying “wolf” on my second mission might kill my career.
I land, sell my brandy, meet Rhiannon, check in on progress in Steffon’s missing person case. She says they’ve got nothing. No surprises there, he was spooked off planet by yours truly. I make a note to ask Conductor to squash the investigation soon. I tell Rhiannon that I’m meeting a new potential business client, and that I will be here for a while, looking at their manufacturing plants and discussing terms. I don’t think she’s watching me, but if she keeps an eye on the Skirl that will explain why she doesn’t leave port for a while, breaking my normal pattern.
Then I meet the courier. It might seem odd to you, in these days of the Weave, but the Service uses couriers a lot. In the flicks you still see paper dossiers stamped “Top Secret” and “For Your Eyes Only” and stuff like that. It looks really dramatic. In practise, there’s a fingerprint, retina-scan and DNA locked box. Inside the box there’s a data crystal. I’m told the data crystal has some extra layers of protection too, I just know it’s got a set of layers of encryption on it, but when I plug it in to my reader, they handshake, I go through the various logins, and I can read the files. For anyone interested, the courier and I meet for lunch, and she just hands it to me. It looks like a normal itinerary, nothing to attract attention. All the security to open the package with the data crystal is conducted well away from prying eyes, back on the Skirl.
True to my word, I set out from Welkin and rent a property in one of the regions of Prism I’ve earmarked for a potential recruitment site. I start on the cover story in soft ways, frequenting the sorts of bars where I think it’s likely I’d get recruited, using a false name, sending out the right sort of signals. I register as looking for work and turn up to the hiring posts, always just a bit late so the jobs I’m qualified for have gone. I grumble and bitch about it, head for home, then do the job I’m really here to do - analyse the data in the Operation Orange Watchtower dossier.
It takes a while to go through everything. That’s not entirely fair. It takes nearly ten days. The first read through takes three days, there’s just that much data. Then I go through it again. Specifically looking for two things - patterns of data flow off Boreas and recruitment here in Prism. It was pretty easy to confirm there was a recruitment cell active in Prism and set aside time to work on my cover identity. What took longer was to conclusively find the evidence that the data that Boreas should be reporting was being, within reasonable limits, reported to the right places.
When I say within reasonable limits, some of the data was a bit wrong, some was a bit late, but this looked like human error rather than corruption and suppression by enemy action. Well, it did for the data I was looking at. There was evidence that Boreas was fixing data on its population growth, claiming more pregnancies and a higher miscarriage rate. I wasn’t clear to me why, probably some tax scam, but I made a note of it in the report I was preparing. That shifted the balance of probabilities to a mole in the Service. It wasn’t certain yet, but more than 50% likely. Time to establish a solid cover, and dig around in the rest of the dossier.
One of the benefits of working for the Service is that a lot of government agencies, when you have the right credentials, role over and play nicely. What takes criminals long, long hours of sweat and tears and typically raises all kinds of alarms is, for me, a matter of accessing the right package, filling in some details and pushing the go button. It’s absolutely that simple.
Operation Orange Watchtower makes reference to other operations that I don’t have clearance for. This is common. I’m in the field, investigating activity on Boreas. If I get captured, Conductor and their superiors don’t want me to be able to tell the enemy anything about what’s going on elsewhere in this sector or in other sectors. However, the activities in Prism and Welkin have given me something to search for in publicly available databases. I can append this to the report I send to Conductor so they can use their better position to determine whether any of this data has been acted on by the Seers. I can also, with a bit of finesse, determine whether the data from Prism ever reached the Service Seers and so identify the level of the problem.
First things first. The publicly available data is totally risk free. I take a little while to move around, so not all the searches are coming from one place, create a series of spoof searches, so I’m looking at ten thousand sorts of data - this is pretty common for a bot mining for a commercial operator - and extract the data for each of the settlements in this sector. Of those with more than 10,000 inhabitants, nine of the twelve show clear evidence of recruitment across the three planets with clear routes to the rest of clan space. Artemis has no settlements over that limit.
Bolstered by that, I dive into the Service and start trying to look for what is happening with the data that is coming from Boreas. It turns out that I need a higher level clearance than I have, that data requires a different access than Operation Orange Watchtower. Do I press on, or try to hack the Service? I decide I can try one more approach in safety.
I pause, regather my wits and think about how to do this. I eschew the local goffi, fruit juice is better, the sugar rush keeps me more focussed. Unlimbering skills I didn’t expect to need here I find a backdoor into the data handling stream that doesn’t ask for an operations code. Not a great piece of data security but so far I’m borderline legal, here on my login and not doing anything I couldn’t have reached without permission.
I pause again, deciding what to do next, I don’t want to copy the data, that would set a million alarm bells ringing. I want to determine if the data is ever being passed to the seers, or if the reports are being suppressed. Although I was always destined for fieldwork with my talents, everyone spent time tagging data and entering it, tagging reports as well. For people going into data analysis it’s a huge part of their daily life, and ask you can see from the exciting time I’ve had, even for field agents it’s a time consuming part of our lives. But it’s equally important for us in terms of writing clear reports so that they can be readily entered into the data stream and acted upon.
I never directly dealt with the data going to the seers, but I know what the tags look like. So it’s relatively easy to determine the tags for the data that should have alerted the seers to the pattern I’m seeing and to the reports they’re generating. Then compose a report.
I carefully compose a search to tell me the number of items with both those sets of tags. I stop to consider the implications of setting it loose.
Advanced data security, there’s a way to detect if a certain search has been performed. This would be an obvious search for someone with my suspicions, and I’m logged in using my own user name. I don’t start the search. I set up a different search instead. Is there a data flag set to show if either or both of these searches is performed? Success, there is. Ok, that’s more evidence that there’s a mole. I quickly double check. There’s no evidence that there’s direct Honshu activity on my home world, and lo and behold, there’s no evidence of data tap on searches for those tags. That goes into the report too.
Where next? I could retreat at this point. I’ve got good evidence and I could let the data security people run with it. I decide to stop and consider the alert and what I know about it. I change the ways the alert information is displayed and look at the support for it. Although it’s not currently shown to me, the system stores the data for who created the alert, so it can let them know someone else has triggered it. I wonder if I can find out who that is?
I again pause, take a sip of juice and consider what I’m about to do. This is definitely naughty, not approved activity. But it’s so close I can feel it, taste it.
I stop to consider how. Then I notice that the alert has been triggered. Not recently, not by me, some weeks ago, before I even completed my training. Just once, a few minutes after it was created. I know what that is, that’s the creator checking they’ve done it right. But it’s also a mistake. Whenever an alert is triggered there’s a log. It’s held separately, and it records the id of the account that triggered it and the address the alert was sent to. These kinds of details are important to know if you’re a sneaking person like me. Off I go to the logs, armed with the ID# of the alert. I double check no one has been ultra sneaky and set up an alert for this, then check the log for the alert and record the id of the user who triggered it and the addresses, plural where the alert was sent. One is the account that created it, that’s ok. One is a random public burner account. I just created a whole electronic identity using the same service when I created my cover ID. It might mean the user is a field agent but it might, equally, mean they’re alerting someone in the Honshu SF. No way to tell from just the address, but a mystery to look into later.
I withdraw and sign out. Then I compose my report and send it priority to Conductor. The probability is well over 90% that there’s a mole in the Service. I won’t be the one investigating it, but I will get credit for uncovering them. Tradecraft and being a nasty, suspicious person kicks in. Before I send it off, I double check that Conductor’s user ID is not the same as the one on the alert…
It isn’t glamorous, I’ve done a lot of reading, a lot of data analysis, and I’ve queued up deliberately late for jobs I didn’t want to get. I’ve been to a seedy bar and sounded disgruntled and pushed a few buttons to create a fake ID. The most nerve wracking thing I’ve done in the last fortnight is hack my own Service to reveal that there’s a mole and report them to my handler. However, I’ve made steady progress. I’ve established there really is a problem here, in the whole sector of 7AB. There’s an insurrection being planned, it’s quite widespread, and there’s a mole in the Service helping it go unnoticed [Thank you dice, when I was sketching out a plot for this, I really wasn’t expecting it to go that way!]. I’ve also got a cover identity and established I’m the kind of person they might be interested in recruiting. These things take a while, so I will give it a bit longer and see if they bite of their own accord but that has to be my main priority for now, unless the ruckus back at 5MI calls me away.
Oh, and for those of you wondering how a double agent, which I will be soon, all being well, operates in land dominated by unbreakable Iron Vows? Well the answer is, it depends on what you swear. You learn to say one thing and mean another, swear your vow in secret even as you speak it aloud. This is not considered honourable of course, but I have a pre-existing Iron Vow to defend the clan, its people and its territory by any means necessary. Deceiving enemies of the clan by mouthing one vow while internally swearing a second vow upholds that original vow. I feel no qualms about that. Not at the moment anyway.
No comments:
Post a Comment