The Devil's Code

that most of the clients are NSA people. You will also find that the first mentions of Firewall all come from this computer, several days before the name went public. The rumors were planted by an NSA contract company called AmMath, of Dallas, Texas. A-M-M-A-T-H. AmMath is also involved in the murder of an NSA official named Terrence Lighter. L-I-G-H-T-E-R. Are you getting this . . .”
    “Give me that name again, Lighter . . .”
    I spelled it again and then said, “NSA security people are on the way to Bloch Tech right now. There may be nothing left to discover if the FBI isn’t there to watch them. You can call an NSA security official named Rosalind Welsh”—I spelled her name and gave him her phone number—“to ask about the server.”
    “What about . . .” he began.
    “Good-bye,” I said. I hung up, and we took off.
    “Now,” I said. “ Something’s got to happen.”

 13 
    W hat the European hacks were doing to the IRS was simple enough—the programming could be done by mean little children—but their organization showed some good old German general-staff planning. They must have worked for weeks, getting into the computer systems of not only a lot of small colleges, but, as it turned out, into the computers of several big retailers.
    Without studying the problem, I would have thought that getting at the retail computers would be almost impossible, without a physical break-in to get at security codes. I was wrong. It appears that several of the big online retailers spent all their security money on protecting credit-card and cash transactions, and making sure that nobody could fool with their inventory and sales records.
    But they had other computers that specialized in routine, automatic consumer contacts—computers, for example, that would do nothing but send out standardized e-mails informing the customer that his order had been shipped. For these computers, no great security seemed necessary.
    They were perfect for the hacks. They were optimized for sending outgoing mail, and once the hacks were inside them, they could easily be set up to ship the phony IRS returns. At the peak of the attack, the bigger online companies were sending out thousands of phony returns per hour.
    That would have been bad enough, but the hacks had taken it a step further: they didn’t have the returns sent directly from the retailer to the IRS, but rather bounced them off the customers. When the retailer sent an acknowledgment of a purchase, the IRS file was automatically attached, but would not show up on the customer’s computer screen. What would show up was a legitimate receipt or other message, plus a message from the hacks that read, “For auditing purposes, and your shopping protection, please acknowledge receipt of this message by clicking on the ‘Acknowledge’ button below. Thank you.”
    Every customer who clicked on the “Acknowledge” button was actually sending a message, but not to the retailer. The message was one of the phony returns, and went to the IRS. When the IRS tried to track the messages, they’d find they came from thousands of individuals all over the country, all of whom denied knowing anything about it.
    T he attack was continuing the following day when LuEllen and I loaded into the rental car and went for a noon-rush-hour drive on Interstate 10. We picked the Interstate because if we were moving fast, we’d be switching phone cells every few minutes.
    “Hate to waste a perfectly good phone,” LuEllen grumbled.
    “That’s why we got it,” I said. Using one of the new cold phones, I direct-dialed Welsh at her NSA number. Nobody answered.
    “Not there,” I said, hanging up.
    “What does that mean?”
    I thought for a moment, and then said, “I told her I’d call her. But it’s Sunday, and maybe she thinks we’ve only got her home phone. I’ll bet she’s home, sitting on the phone.”
    “With a bunch of FBI agents.”
    “Yeah, well . . .”
    I dialed her home phone and she picked up on the fifth ring. On the fourth ring, I said to LuEllen, “Maybe they don’t fuckin’ care.” I was about to hang up, when I heard the phone shuffle, and then her voice.
    “Hello?”
    “This is Bill Clinton. I spoke to you last night. Did you go to Laurel?”
    “Yes, we did. Is this a cell-phone call?”
    “Yes.”
    “Then we will have to be circumspect. We looked at the account you were speaking about, but there wasn’tany traffic of the kind you described,