January 15, 2016

Fact checking Mr. Robot: Reality vs. fiction on TV’s cyber security hit

IStock_000011951853_XXXLarge[Warning: Spoilers!]

Mr. Robot’s win at this week’s Golden Globes surprised many people, but we at Imperva weren’t among them. How could we not love a show about cyber security? It deserved the award for its exciting story lines and great acting, but we felt compelled to assess it on a different level: how accurate is Mr. Robot’s depiction of the world of cyber security?

Let’s look at several different scenes, and how they stack up to reality.

Scene 1: Elliot eavesdrops over coffee shop public WiFi.

Reality Check: ACCURATE!

Public WiFi networks are exactly what they’re called – public. Anyone can join the network, and anyone who joins the network can eavesdrop using simple web traffic analyzing tools. Any communication that is not properly encrypted, including email (if you use an insecure email client) or your browsing data, can be viewed by attackers.

Advice: Avoid using unsecured public WiFi networks. If you must use public WiFi, use a VPN or make sure your traffic is encrypted – look for the green lock in your upper address bar.

Scene 2: Elliot exposes the coffee shop owner as a child pornography site owner in the dark web.

Reality Check: NOT SO MUCH...

Breaking TOR anonymity or sniffing TOR traffic in a targeted and systematic way requires advanced state actor capabilities and funding. Typically it is very opportunistic, and mainly applies to applications that do not use SSL. This particular scenario is therefore quite far-fetched, and not a threat to most individuals and enterprises.

Advice: TOR can maintain anonymity on the Internet.

Scene 3: Elliot hacks personal accounts.

Reality Check: ACCURATE!

Even with today’s advanced security solutions, hacking into personal accounts such as email, dating services, and social media is relatively easy. The attack is usually based on brute force attempts to crack your password. This is unfortunately still effective, especially with ready-made, off-the-shelf tools that are available to anyone who wishes to launch such an attack.

Advice: Choose strong passwords for your accounts, do not share the same password across accounts, and apply two factor authentication when possible.

Scene 4: E-Corp servers are attacked by DDoS as a diversion to another attack on the servers.

Reality Check: ACCURATE!

This technique has been used in several past real-life security incidents, most notably the Sony PlayStation breach in which the account information of 77 million users was stolen under the cloak of a large-scale coordinated denial-of-service attack. "Security teams were working very hard to defend against denial of service attacks, and that may have made it more difficult to detect this intrusion quickly," Sony Computer Entertainment chairman Kazuo Hirai admitted.

Advice: Network protection is not enough. You must also protect your data.

Scene 5: E-Corp servers are infected with a rootkit that crashes the servers on boot up.

Reality Check: ACCURATE!

This kind of behavior is typical for kernel-mode rootkits. These rootkits run as part of the operating system itself with the highest privileges, and can modify startup code like Master Boot Record (MBR) and crash the server on every restart. Removal of kernel-mode rootkits often results in reinstallation of the operating system.

Advice: Make sure to regularly back up your servers’ data.

Mr. Robot is not only an excellent show, it offers some real-world advice on how to keep your data and systems secure. And strong cyber security? That deserves an award any day of the week.

Authors & Topics:

Share on LinkedIn


love it :)

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Your comment could not be posted. Error type:
Your comment has been saved. Comments are moderated and will not appear until approved by the author. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.


Post a comment

Comments are moderated, and will not appear until the author has approved them.