Operation Dragon Strike Read online

  Operation Dragon Strike:

  An Asian Covert Ops Spy Thriller

  By

  Rahul Badami

  First published in 2019

  Copyright © Rahul Badami 2019

  This book is a work of fiction and any resemblance to actual persons, living or dead, events and locales is purely coincidental.

  All rights reserved. No part of this publication may be reproduced, stored in or introduced into a retrieval system, or transmitted, in any form, or by any means (electrical, mechanical, photocopying, recording or otherwise) without the prior written permission of the author or publisher. Any person who does any unauthorized act in relation to this publication may be liable to criminal prosecution and civil claims for damages.

  TABLE OF CONTENTS

  Acronyms

  Prologue

  Chapter 1

  Chapter 2

  Chapter 3

  Chapter 4

  Chapter 5

  Chapter 6

  Chapter 7

  Chapter 8

  Chapter 9

  Chapter 10

  Chapter 11

  Chapter 12

  Chapter 13

  Chapter 14

  Chapter 15

  Chapter 16

  Chapter 17

  Chapter 18

  Chapter 19

  Chapter 20

  Chapter 21

  Chapter 22

  Chapter 23

  Chapter 24

  Chapter 25

  Chapter 26

  Chapter 27

  Chapter 28

  Chapter 29

  Chapter 30

  Chapter 31

  Chapter 32

  Chapter 33

  Chapter 34

  Chapter 35

  Chapter 36

  Chapter 37

  Epilogue

  ACRONYMS

  CEO – Chief Executive Officer

  CERT – Computer Emergency Response Team

  Comms – Communications

  DG – Director General

  DIA – Defence Intelligence Agency

  DM – Defence Minister

  DRDO – Defence Research and Development Organisation

  ETA – Estimated Time of Arrival

  EXFIL – Exfiltrate

  FATA – Federally Administered Tribal Area

  GPS – Global Positioning System

  HAHO – High Altitude High Opening

  HQ – Headquarters

  HVT – High Value Target

  IAF – Indian Air Force

  InfoSec – Information Security

  INFIL – Infiltrate

  INS – Indian Naval Ship

  IP – Internet Protocol

  ISI – Inter-Services Intelligence

  ISRO – Indian Space Research Organisation

  LZ – Landing Zone

  MARCOS – Marine Commandos

  MEIT – Minister of Electronics and Information Technology

  MEITy – Ministry of Electronics and Information Technology

  MSS – Ministry of State Security

  NSA – National Security Advisor

  NSC – National Security Council

  NTRO – National Technical Research Organisation

  NVG – Night Vision Glasses

  Op – Operation

  PM – Prime Minister

  PMO – Prime Minister's Office

  R&AW – Research and Analysis Wing

  SAT – Satellite

  SITREP – Situation Report

  UIDAI – Unique Identity Authority of India

  XO – Executive Officer

  PROLOGUE

  One year ago.

  Computer Emergency Response Team (CERT-In) HQ, New Delhi, India

  Pratik Sharma blinked his eyes open.

  The harsh light of the desktop monitor peered deep into his groggy eyes urging him to stay awake. He estimated he’d dozed off for a few seconds. He felt like he was going to sink back in the oblivion of sleep. It wouldn’t do. He wiped his eyes and stared up at the bright ceiling LED light that lit his cubicle like daylight. He hoped that staring at the light for a few moments would jolt him out of his stupor.

  Pratik brought his attention back to his monitor screen. He sat straight in his chair. He looked at the cubicles around him. His team were working diligently tapping away at their keyboards. It wouldn’t do if his team members saw their boss slouching and snoring. He believed in leading from the front. He glanced at the time in the bottom-right of the screen. It displayed 2:53 am.

  Another hour and I can go home. But before that, I need to complete my work.

  He resumed work on the Access Control Lists for various servers that determined who could get access to specific databases and who couldn’t. As part of the IT Information Security team for CERT-In, he and his team had to ensure that no unauthorized person could get access to the network or databases of the country’s top cyber assets.

  But the drowsiness refused to go away. Pratik stifled a yawn. He leaned forward and stared at the screen in an effort to concentrate. The screen showed an excel sheet filled with database names and details. The words on the screen were jumbling in his head.

  I should have slept more during the afternoon. Better I go and wash my face.

  “I’ll be back in a minute.” He said to his next-cubicle neighbour. His colleague nodded without looking up. Pratik smiled. He must be deep in his work. His colleague wouldn’t even notice if he went home this minute.

  Pratik locked his desktop PC. He stood up and walked a couple of paces when the overhead lights flickered and turned off.

  “What the-?” Pratik blurted. The facility turned pitch dark. He couldn’t see anything. He reached out and grasped the fibre wall of the cubicle nearest him. Behind him he could hear the surprised voices of his colleagues who were also caught unawares by the blackout.

  “What’s going on?”

  “Someone turn on the mobile flashlight.”

  “Oh crap. I forgot to save my work. I’ll have to redo everything!”

  Pratik strained his ears to hear the backup generator. Located on the floor directly below them, the generator should have kicked in by now. But it hadn’t. That was weird. He wasn’t the only one to whom this had occurred. Even his colleague noted the problem.

  “Backup power is also down. That can’t happen.”

  Pratik pulled out his mobile and called his friend who worked in the Network team in order to find out what had happened.

  “We’re also trying to figure it out.” His friend said. “Everything is down except for the datacenter. Desktops, power, cooling systems, facility access systems, everything.”

  Pratik hung up, a palpable dread forming in his stomach. This had never happened before. It was unprecedented. The failsafe mechanisms and backups had been designed to auto-activate in such scenarios. It was impossible for this to happen. And yet, he was witnessing it first-hand.

  It meant their worst fear had just happened.

  One of the mobile flashlights came on. The team huddled around the light. Pratik walked over to them. He had to let them know about his hunch. One guy spoke up, “We need to go downstairs and manually start the generator.”

  Just then, the overhead lights turned on everywhere bathing the floor with white light. Pratik scrambled to his desktop and turned it on. He needed to check the logs. The suspense gnawed at him. He was half-scared of what he would find.

  “I’m checking the logs.” Pratik rapidly typed on the keyboard. A series of windows popped up.

  “No…” he blurted, looking at the information on the screen. It was a punch to his gut. Hard-hitting and impossible to breathe. “No… no… no.” He choked as the realization settled in.


  It was like the gasp of a dying man.

  CHAPTER 1

  Ministry of Defence, South Block, New Delhi, India

  Present day

  “How did this even happen? It’s a disaster.” Someone declared.

  Shikha Tiwari peered at the man in a small crowd gathered outside the conference room. She recognised him as one of the aides in the Defence ministry. The man looked definitely agitated. Shikha wondered how many in the crowd knew why they were called for this emergency meeting. They would all know soon enough.

  “Quiet.” His colleague next to him said. “Let’s go inside.”

  Shikha followed along with the crowd and they entered the conference room. The room was modern and spacious with a large rectangular mahogany table in the centre. A dozen comfortable chairs surrounded the table. Hookups for electronic equipment and teleconferencing phones were lined up in front of the seats. The walls were plain coloured and the room was swept every day for bugs. On the far wall were mounted multiple large flat screen monitors.

  Shikha took her seat and mopped the beads of sweat that had formed on her forehead. She focused on the notes in her hand. The conference room was air-conditioned, but Shikha felt a hot dread in the pit of her stomach.

  I am only a messenger. She told herself as she looked at the notes for the umpteenth time. Shikha wasn’t sure how the Prime Minister would react when he heard the news.

  The members of the hastily-convened emergency meeting streamed into the room taking in their seats. A video conference call was enabled on one of the large screens. It showed a man in his fifties. His face was darkened with anxiety and his scalp was shining with perspiration. Shikha looked at him. He’s the one the PM will question first, not me.

  Her heartbeat eased just a beat. She wasn’t the only one worried.

  A buzz filled the room as people started talking amongst themselves. Most of them had only heard of the incident a few minutes back. The meeting constituted the members of the National Security Council, the Finance Minister, the National Security Advisor, the Minister of Electronics and Information Technology, the NTRO, their aides and select other people. The buzz came to an abrupt stop as PM Jagdish Inamdaar strode in and took his place at the head of the table.

  PM Inamdaar came right down to business. He looked at the man on the video wall and said, “I want to know exactly what happened.”

  The man on the video wall was Venkat Aiyarr, the CEO of Unique Identity Authority of India (UIDAI). The UIDAI issued Aadhaar cards; an identity card for 1.2 billion Indians that served as proof of residence and helped Indians open bank accounts, get government subsidies, file taxes as well as obtain mobile SIM cards. The enrolment for Aadhaar cards required the biometric identity of the person including fingerprints and iris scans.

  “We have had a cyber attack on the UIDAI database.” Venkat Aiyarr’s voice was strained as he spoke. There were a couple of gasps as some of the members weren’t aware of the reason for the emergency meeting.

  “How is that even possible?”

  “We are still investigating the breach, but our team has revealed the firewalls were breached and the database was locked.”

  “What do you mean the database was locked?” The Minister for Electronics and Information Technology asked. The UIDAI was under his purview, and he was most concerned ever since he had heard about the incident.

  “It means the database has been encrypted. We can no longer access it. It now asks for a password. It means if someone now goes into a bank to open an account, the bank won’t be able to authenticate his fingerprint with the database, because the database will no longer respond.”

  The buzz in the room resumed, louder this time. Shikha looked around the room. Now that the problem had been highlighted, she was sure the blame-game would start. The politicians would disown their responsibility of their respective departments and accuse others of failing in their duty. It didn’t matter. It would be the bureaucrats that would ultimately have to do the grunt work no matter the amount of mud-slinging politicians did.

  “I knew this was going to happen,” Defence Minister, Dayanand Mistry spoke up. “I’ve been opposing the Aadhaar Identity project ever since it was proposed. I was worried about privacy issues. But none of you listened to me. And now everyone’s personal information is up for grabs by the highest bidder. The hackers will now have everyone’s names, bank accounts, and fingerprints.”

  “We don’t know if they copied the data as well.” The UIDAI CEO said. “The database size is in Petabytes. We physically disconnected the link, the moment we got the alert. They could have gotten a few millions of biometric information. At this point, the database is locked; that’s all we know.”

  “And what if mine is one out of those few millions?” DM Mistry stood up. “If I lose my credit card, I can block the current credit card and get a new one. What if the hackers have my fingerprints? Do you expect me to cut my fingers and attach new ones? They can now impersonate my identity. Why did we have to link so many things to Aadhaar? This Aadhaar was a single point of failure, and now it has failed and there’s no Plan B.”

  “The data on the Aadhaar database is in a hashed format. Even if they get some of the data, it will be very difficult for them to decrypt it.”

  “Am I supposed to be reassured by that?” Mistry retorted. “You’ve said very difficult. It doesn’t mean impossible. Sooner or later they will be able to crack the database and get their hands on our personal information.”

  “Gentlemen,” PM Inamdaar spoke in a quiet voice. “We are here to fix the problem, not fix the blame. Let the people who can figure how to resolve this crisis speak. First, I want to know the repercussions of this incident.”

  “The repercussions are catastrophic, sir.” The UIDAI CEO didn’t beat around the bush. “It’s not just the Personally Identifiable Information like names, addresses, birthdates, phone numbers that are exposed, it’s the millions of bank accounts that are linked with Aadhaar that really scares me. We are looking at impersonation on a scale of millions.”

  Shikha’s blood froze at the words. The entire room sat stunned.

  The CEO continued. “Hackers will be able to log into bank accounts, transfer money into any of the millions of compromised accounts multiple times and eventually route it to their own accounts. There will be no way we would be able to find out which account is genuine and which one is hacked. Further, they would be able to call any of the hacked account’s business partners, colleagues, friends or even banks, masquerading as the account holder and do social engineering and gain access to even those accounts that weren’t hacked. There won’t be any trust left in the financial system. We will witness a hacking of a magnitude never seen before in the world. Forget about losses in billions and trillions, we are looking at losses in terms of quadrillions and quintillions. We will need to recreate the entire financial industry from scratch. Banks, stock markets, companies, non-banking financial institutions, everything will have to start from zero. The Indian Rupee will crash and reach the levels of Zimbabwe. And like Zimbabwe, we will be forced to ditch our own currency and start trading in gold or dollars.”

  Shikha’s head sank in her hands. This was an extraordinary disaster. Behind her, she heard someone sob. She looked up at PM Inamdaar. His face was still calm even after receiving the bad news. He asked just one question.

  “What can we do to stop this?”

  “Our first step was to contain the leak, which we did. The next step is to remove the encryption on the database. Our team is working on it. So far, there hasn’t been any positive progress. The database is still locked.”

  “What about the backup in Manesar?” The MEIT asked. “That one was the failsafe for exactly this kind of issue.”

  Shikha nodded as she listened to the conversation. The Aadhaar database contained the names, addresses, and biometric details of a staggering 1.2 billion Indians. It was the largest biometric database in the world. To protect the database from being des
troyed in an act of god, war or any unforeseen event; they had decided to duplicate the database in two different cities. The UIDAI sites at Bengaluru and Manesar were separated by thousands of kilometres. If one went down, the other site would still be functional.

  The CEO mopped the sweat on his forehead with a handkerchief. “That’s what we don’t understand. Both databases were attacked in a coordinated effort at the same time. It was a very sophisticated cyberattack. We immediately coordinated with the NTRO and they informed the National Security Advisor.

  The National Security Advisor chipped in, “We have our best folks investigating this at the moment. We traced the source of the attack and it’s pointing to an IP that originated from China.”

  “China?” PM Inamdaar raised his eyebrows.

  “Yes sir,” the NSA continued. “The Americans, Russians and Chinese are notorious for cyberattacks. Sometimes it’s an individual, sometimes a team, and at times, it’s a state-sponsored hack. I spoke with General Singh and roped in the DIA team. Shikha here has been trying to help us out by understanding the cyberattack type and looking for patterns to previous attacks. Shikha?”

  Shikha had already memorized the details. “This attack happened three hours ago. We looked at the logs and determined that the attack originated from China. We have now triangulated the location to a central business district in Urumqi. Urumqi is the capital of China’s largest province Xinjiang, the westernmost province of China. Based on the sophisticated nature of the attack, I’m led to believe this could be a Chinese state-sponsored cyberattack. We already know they have a cyber-force in the People’s Liberation Army called Unit 61398. This could be their doing.”

  “Are you sure?” the PM asked.

  “Right now, it’s only an educated guess.” Shikha said.

  “Which means it’s still a speculation.” The MEIT said. “We need something better than just speculation. But why would they do it?”

  The UIDAI CEO interrupted, “I just got an email from the hackers. They are saying they will provide the encryption unlock codes only if we pay them a ransom of One Billion dollars in bitcoins.”