All Those Cybersecurity Threats on Mr. Robot? Totally Plausible

March 31, 2017 • Blog Post • BY VOX CREATIVE

IN THIS ARTICLE

  • Kerry Matre, senior manager for HPE's Enterprise Security business, notes that part of hit TV show "Mr. Robot's" success derives from using real-life cybersecurity scenarios
  • Matre provides tips for how businesses can protect their data and mitigate the risk of attacks

HPE's Kerry Matre weighs in on the real-world cyber risks depicted on USA Network's Mr. Robot

Read the original article on The Verge.

The USA Network hit "Mr. Robot" is a compelling and immensely successful show that grapples with both cyber crime and paranoia. The moody Elliot Alderson (played by Rami Malek) was, through season 1, a cybersecurity professional by day and a deeply paranoid hacker by night. As part of fsociety, a shadowy hacktivist collective working for good, he helps orchestrate a large-scale, season-long attack on the multinational conglomerate E Corp, which he calls Evil Corp.

How realistic is it?

Is it possible to infect a computer and let that machine gain access to your webcam? Is hacking someone else's password as easy as making a few educated guesses? Would eliminating 70 percent of the world's debt bring about a dismantling of capitalism as we know it? Are any of these things, all of which happened in season 1 of "Mr. Robot," actually feasible?

"The small pieces of the attacks are definitely realistic and could be done by one person," says Kerry Matre, senior manager for HPE's Enterprise Security business. "You can get all the tools online." Matre knows what she's talking about: Hewlett Packard Enterprise provides security solutions for some of the biggest businesses in the world.

On Mr. Robot, these attacks are large, coordinated events orchestrated specifically for mass impact over the shortest amount of time. In the real world, corporations of every size are subject to an endless barrage of smaller attacks, with the average company falling victim to about 2.8 successful attacks per week, Matre says. But a hacker with the right knowledge, looking to take down a corporation for any reason, could very easily mastermind an attack that is not only an inconvenience for the consumer but also a disaster for the company, she says.

Real attacks, tweaked for TV

Part of Mr. Robot's success derives from its writers' skill at synthesizing cybersecurity issues that make headlines in real life, Matre notes, like DDoS attacks, or distributed denial-of-service attacks. In season 1, Elliot worked for Allsafe, a cybersecurity firm tasked with protecting E Corp. In the Mr. Robot pilot, Allsafe notices a DDoS attack happening to E Corp and calls Elliot in to help. "A DDoS attack is many, many different people trying to access a webpage all at once," Matre says. All that demand makes a site overload and shut down. "The scariest thing about a DDoS attack is that you can rent a botnet to perform the attack," Matre says. "It's many infected machines that have all become slaves to a command machine. When the single command and control says, 'Go perform a DDoS attack on some website,' they all take that instruction and perform the attack together. Unknowingly."

There are technologies designed to prevent or lessen an attack, but once an attack starts, it's crucial that it's identified quickly. Companies need to be prepared to respond, not just with preventive measures but with a plan in place to respond and restrict access from attacking hosts.

"Once an attack does start, then you need to shut everything off and wait until the attack is over before you come back up. You can do some digging into it to figure out the characteristics of what machines are coming after you and block all those attackers," Matre says.

One of the more worrisome hacks in the show occurs when Ollie, a dopey Allsafe sales guy and the boyfriend of Elliot's childhood friend Angela, takes an infected CD from a member of the Chinese hacker collective the Dark Army, inserts it into his computer, and foolishly clicks on the link that pops up, infecting his machine and allowing hackers to access his webcam, which opens him up for potential blackmail and identity theft. This seems like a Hollywood embellishment on something that should be much more complicated, but Matre confirms that it is very real.

"It's not just that you put the CD into your computer," Matre says, "but that there's a file on there that you execute." Once the file has been executed, the machine is infected. "The only thing you can really do at that point is wipe the machine completely clean," she says. The moral of the story? Know the source. Picking up a CD or a USB drive from the street and inserting that into your computer for curiosity's sake could be more dangerous than you think. And if a machine does get infected, it's important to immediately quarantine the machine so the virus doesn't spread throughout the system.

But vast conspiracies are harder

But nothing on the show is more frightening than the ramifications seen in season 2, where the overarching plot has taken down Evil Corp, wiping the majority of the world's financial data, thereby eliminating debt, and somehow dealing a lethal blow to capitalism. Everything in the security industry is about understanding risk and acting to mitigate that risk. "It's never a matter of if, but when," Matre says. Even so, she confirms that this kind of large-scale disaster isn't as easy as it looks. Companies like HPE are working hard to build security systems for global companies but they are also constantly researching the tools and tactics of hackers and using those lessons to help their customers. HPE has 10 different security operations around the world, monitoring different organizations and studying attacks to figure out how to prevent them in the future.

"There are security experts out there, fighting attacks like this," Matre says. "It's not like someone's going to perform an attack that doesn't see any resistance; we have security technology. If something very large were ever to occur, it'd be difficult, because of the security that organizations have put into place." If a hacker did break in and steal data, they would have to take on the additional complicated step of going after the government-mandated physical and virtual back-ups protected at multiple locations.

But if the attacks portrayed on Mr. Robot are within the realm of possibility, there are also simple ways we can work to avoid them. Strong and varied passwords are important. So is using common sense: don't give out information just because someone asks for it, and don't click on links in random CDs just because you can. Companies also need to think about security in a holistic way, not just after an attack. That means educating employees, backing up data and staying ahead of the curve to help minimize risk. Thinking like a hacker, and learning about the business of hacking, can help companies protect their businesses.

"Everything we do in security is really just to disrupt the attacker," Matre says. "It's not that locking my front door is going to prevent somebody from breaking into my house, but it'll hopefully make them go look someplace else."


Learn more about risk management solutions from HPE. Follow @HPE_Security on Twitter.

Today's cyber attackers are sophisticated organized businesses. When you understand how they operate and treat them as competitors, you can disrupt their business to protect your own. Get HPE's The Business of Hacking report to learn the strengths and weaknesses of hackers so you can be better prepared to protect your business.
