How to show cybersecurity in 2021 so that your show doesn't fail

If the creators of TV shows about hackers and cybercrime do not work out the details, one cybersecurityman is sad in front of the screen. In 2020, the IT world has already seen "Mr. Robot" and "Silicon Valley", it is increasingly difficult to forgive the stupidity of movie hackers. 



Together with my colleague Kirill Golubenko, we decided to sum up the TV results of the year and compiled the top 5 tenacious film stamps about information security from new series. Let's analyze the unfortunate and comical moments in Devs and Next and find options that could save them. 

Spoiler alert : This article uses excerpts, scene descriptions, and plot twists. If you wanted to watch these series, you better watch first. 






"I will hack any server in 10 minutes" and other pride of a hacker



In the new series, showrunners still portray the hacker as a genius wizard with computer superpowers without borders. The hero is able to hack the ministry, glue a video tape, and track the main villain by IP. And all this in 10 minutes.



The character "Neksta" CM - the leader of the hacker group "Iron Sleeves" "Dead Lizard", works for the FBI. His cybercrime department is looking for an escaped artificial intelligence and decides to intercept the signal of Eliza's column, which is possessed by an evil AI. 







The operation itself in the second episode briefly looks like this. CM uses a program similar in appearance to Wireshark. Most likely, he made traffic mirrors and gave access to wiretapping to other FBI agents. Together, they analyzed a bunch of traffic and identified the smart column pattern: 





The heroes' remarks do little to clarify. In the frame, we see that there is SSL traffic that cannot be disclosed without a certificate. Apparently, the hero hacker organized a man-in-the-middle attack and changed the certificates on both sides. It is not completely clear what helped to find the IP address. The actors' concentrated faces are not an explanation.



In "Developers" the work of a hacker looks realistic at first glance. In the second episode, the main character Lily comes to the information security specialist Jamie to find out the reasons for the disappearance of her boyfriend Sergei. Lily found a suspicious password-protected application on Sergey's phone. Together with Jamie, they find out that this is a Russian messenger developed by government agencies (surprise!). And here is what the moment of hacking looks like: You can 







believe in this scene if we convince ourselves that many hours of scripting is left behind the scenes. 



So how should it be? 



Here we immediately remember "Mister Robot". Elliot is also not devoid of pathos, but he recruited a team of 5 people to penetrate the "impenetrable" data center. It took several months of preparation to bypass the multi-component protection - in the series they stretched over 4 and 5 episodes of season 1. 



Rubbish instead of code and IPs



In the second episode of Neksta, let's take a closer look and screen the screen while tracing the IP address: 





Attention to IP addresses.



And here is what the code looks like in the credits of "Neksta":





This, in principle, cannot work. Find the syntax error;).



So how should it be? 



There are also elaborated scenes with the code in Next: 







For the first episode, the scriptwriters did not invent anything, but took the TensorFlow code . 



Theft of data on flash drives

A flash drive with classified information is a classic of the genre. In Developers, Lily distracts Kenton's security chief while her friend stays in the office and steals CCTV







footage : It is  theoretically possible that the footage is stored locally unencrypted, the USB port is open, and Kenton has no habit of blocking the computer. But these details completely change the character's image: Kenton looks stupid for a former CIA officer with an exorbitant level of paranoia.  



There is a more curious example in the first episode of "The Developers". Sergey comes to Devs and undergoes a short briefing on security policy from his manager Forest. We liked the instruction, and what happens after it:





Apparently, the DLP system with protection from screen capture has not yet been invented (the plot of the series unfolds in the future). But it was possible to make it even more exotic and give Sergei not a camera, but a device for draining from an LCD monitor, like the interception of van Eyck



So how should it be? 



If a stamp with a USB flash drive is used in a humorous manner - all the rules. In the French comedy "Delete History", the heroine learns about the compromising material filmed on her and goes to the Google data center to remove it. Here's what we see after two unsuccessful assault attempts: 





No backups and network segmentation ...



We've been laughing at the phrase "Our firewall has been hacked" since Transformers, but it's still alive. In Next, artificial intelligence takes revenge on the cybercrime department and destroys all data on an important case in 10 seconds. 







What we learned from this scene: In a key department of the FBI, everything lives behind the same firewall. The storage is not separated from the Internet access, the DMZ is not built correctly. Most likely, the old firewall is used, which does not recognize attacks and traffic anomalies. They also don’t make backups. 



So how should it be? 



In reality, the FBI would have provided L1 security. By standards, such a department should have a separate network without Internet access, physically severed. We have seen such a practice in our government agencies: in order to gain access to classified data, you need to come, get 3 keys, go into a separate room.  



There is a good example in "Mr. Robot" all with the same "impenetrable" data center. Elliot's team was planning the hack for multiple layers of defense, not just "breaking the firewall." The writers took the time to describe the site in detail.



... But there are measures "for beauty": spectacular and incomprehensible



In Developers, Forest begins his tour of Devs with a story about the physical protection of the laboratory: 





The Faraday cage is ok, but we still don't understand why we need 7 meters of vacuum. 



Here we also include the demonstrative tearing of the wi-fi-module on Jamie's laptop in order to remain "invisible": It is 





possible to disconnect the adapter and not so demonstratively. 



Bonus. What about the security of the data center itself?



In the first and second episode of "Next", an FBI agent arrives at the Zava office and gets acquainted with the artificial intelligence developed there. At this point, the AI ​​decides to "fake suicide" and escape. Here's how it happens:







First, it's embarrassing that the developers' desks are installed right in the data center. Secondly, here we do not see any fire extinguishing system, everything just burns out. Even if the AI ​​turned it off, we want it to be shown! Well, again at the end we hear that "all the backup systems of the company are fried." Guys, where are the backups?



So how should it be?



If there is no screen time for a realistic description of the data center and are afraid to tire the viewer with details, it is better to use stamps about data centers in an ironic way. For example, in Silicon Valley it looks more interesting:







Now we are waiting for the end of Next. In the meantime, throw in more good and bad examples about security from new films and TV series? Let's make a list for viewing on the weekend and the next day of information protection. 



All Articles