The Kill Chain is the cybercrime thriller from Scotland’s newest writer, GJ Scobie, published by Darkstroke publishing, in the summer of 2022. This blog post is one in a series called Facts behind the Fiction, in which I take an aspect of the plot and provide factual background material, giving an insight into the real world of cyber security and those who work tirelessly to defend our networks and data.
So where did the initial inspiration come from?
Edinburgh is the backdrop to the story. I have featured it in other novels and I am sure it will continue to provide a location in future. I love this city and it just seemed natural to have it set there. The initial inspiration for The Kill Chain, came to me, while at work in the office in Edinburgh.
It was in 2019, pre-pandemic, and I was in conversation with a student intern who said to me they had been invited to take part in a capture the flag competition abroad. This is a term we use to describe a computer hacking competition. Teams take part in challenges around breaking into computer systems setup for the event. I asked what country it was taking place in and when they told me I said, you have to expect to be compromised when there, so if you are going to attend, we will need to have a plan for the devices you take with you and for how we handle them and your logon credentials when you arrive back.
As I spoke, the idea for The Kill Chain came into my head. A cybercrime thriller, triggered by a decision to take part in a competition, being compromised by unknown threat actors when there, and then years later, when in a responsible security role, falling victim to an extortion attempt. I typed a couple of lines to this effect into a Microsoft notepad and named it ‘Hack story.txt’ and left it there for around a year while I finished another novel I was working on, before opening up the file and recalling this conversation. The whole process took less than a minute, but the idea was more or less fully formed in that time. For the record, they didn’t go to the competition.
Next time, what is pen testing?