[ This article was originally published here ]
By Dave Cartwright, CISSP
The mysterious world of cybersecurity can sometimes be misrepresented on screen, creating challenges for professionals tasked with educating their colleagues and other users.
Screenwriters for movies and television are known to play fast and loose with the facts. Any car involved in an accident, no matter how small, explodes in a hideous ball of fire. Everyone can find a parking space on the street right outside their house. Whenever text appears on a computer screen, a beep is heard for each letter that appears.
It’s no surprise, then, that the role and actions of cybersecurity are sometimes further misrepresented and exaggerated on screen. Today we take a look at our five favorite examples of how cybersecurity has been misrepresented in the name of entertainment.
1. “Greetings, Professor Falken”
Let’s start with one for less young readers. In 1983, writers Lawrence Lasker and Walter Parkes came up with the most high-tech movie in years: WarGames. US military gurus decided they couldn’t trust humans to launch nukes, so they set up a computer to do it. Matthew Broderick, then a typical-looking young man playing a stereotypical young geek, broke into the computer and inadvertently set off a nuclear attack. How did you achieve this? Well, it helped a little that the defense forces put a modem connection on his most dangerous computer, and the bonus was a backdoor password that was the six-letter name of the creator’s dead son. All in capital letters. And, of course, as part of the adventure, he leaves from NORAD HQ, one of the most secure military bases in the US, if not the world.
But is this class a cyber “bug”? After all, it’s inconceivable these days that someone would bypass the security verification program’s code and then connect a super-sensitive military server to the Internet (or in this case the public telephone network), with a simple password and no authentication. of multiple factors. , It is not like this?
2. Let me plug this in, 007…
The James Bond franchise is, as I’m sure anyone reading this knows, chock full of amazing, and sometimes technologically possible, gadgets and equipment. Bond’s is provided by MI6’s “Q Branch”, frequently to the delight of Aston Martin’s marketing department. Magnetic watches, cigarettes that shoot darts, and Lotus Esprits that explode when broken are part of the daily job of “Q,” the branch boss. And some technology keeps making a comeback thanks to its usefulness, most notably the hand/fingerprint recognition guns that have appeared multiple times in movies like Casino Royale (the one with Daniel Craig) and the movie we’re thinking of here: Skyfall.
The one where Q receives the bad guy’s laptop, plugs it into the MI6 LAN and with a single cable insertion opens up a great opportunity for the writers for “Someone Just Hacked MI6 Through Their Best Spy Guru” Creativity advanced technician”.
3. Who needs to declare a war?
This is one for readers on the east side of the Atlantic. In 2022, the UK television company Channel 4 launched an exciting new series, “”, which features a cyber-oriented disinformation attack on the UK by Russia.
It’s full of completely credible activity, particularly at GCHQ, the UK’s leading technology/intelligence agency. In a single episode, we see a student in a year-long internship analyzing the code of a key piece of malware, copying it to a USB stick (clearly, GHCQ is too secure to have to worry about blocking USB ports), passing the memory of a crypto specialist leaving it on the lunch table (from where he picks it up, hiding it in a cloth), following a veteran through a secure door, and then joining said veteran for a picnic in a locked intelligence facility and in disuse . Oh, and then meeting a shady-looking stereotypical hacker dude in a hoodie at a trade show.
All completely plausible, clearly.
4. Terrible Lizards*
Pausing for a moment to reflect on the fact that the Velociraptors’ cry is actually based on a recording of turtle mating, we recall that John Hammond, the fictional creator of the fictional Jurassic Park in the blockbuster 1993 of the same name – focused more on the frog’s DNA than the principle of Least Privilege. The movie’s IT bad boy, Dennis Nedry, played by Wayne Knight, is able to disable the park’s security systems, along with the power of the vans carrying tourists, so he can steal dinosaur embryos for a competitor in exchange for a tasty bribe. We should have seen this coming given that at one point a “video call” (a concept that wasn’t very widespread in those days) is clearly just a QuickTime movie playing on a Mac, with the “thumb” constantly moving from the far left. from the screen. window (at the beginning of the “call”) on the far right (at the end). And lo and behold, Nedry can kill all these important security systems and defenses without a “second pair of eyes” and completely undetectable (at least until the big lizards start eating people).
* The word “dinosaur” derives from the Greek for “terrible/monstrous lizard.”
5. Independence Day
We will end with another action movie blockbuster. Will Smith is clearly a man determined to interact with CGI-based alien life at every opportunity (think Tommy Lee Jones: “Congrats Reg, you’re a… squid”). In Independence Day, Will leads the fight against an alien attack. The aliens’ spaceships are clearly protected by some fancy defense technology, and no amount of bows, arrows, BB guns, or nuclear weapons will do any good against them. Playing the stereotypical “cute geek” role, Jeff Goldblum realizes that by infecting the mothership’s systems with a computer virus, they can cause the ships’ shields to fail, making them susceptible to Earth weapons. . So Will takes them in a crashed-and-captured alien ship (which requires no training to fly, and the script doesn’t give him time to read the manual) to the mothership, whose commander is dumb enough to think: “Ah, that’s clearly one of us, we’ll let him in.” Jeff logs in, loads the virus, and hands out the cigars, and Will drives them home. Either they had a really bad Wi-Fi password, or Jeff had just the right cable. correct to connect to the ship’s computer. That part is never explained, not even in the director’s cut!
The thing is, though, as someone pointed out to me when I was talking about writing this article, it shouldn’t be all that surprising that Jeff was able to connect to the alien mothership’s systems.
After all, USB is the Universal serial bus…
Advertisement
