The show creators are paying attention to the IT industry, so it might be time to pay attention to them.
One of the breakout cable TV show hits of 2015, Mr. Robot wrapped up its second season (don’t worry, no spoilers in this article), and has been gaining traction with viewers ever since the show premiered. The show centers on Elliot Alderson, a cybersecurity engineer by day and a hacker by night. The plot has tons of twists and turns, making it easy to binge watch over the course of a rainy weekend.
However, cliffhangers aside, one thing that makes Mr. Robot unique is its attention to detail in the IT security and hacking landscape. Usually, when hacking is depicted in film or on television, it is a plot device to move the story forward; an impassable obstacle is suddenly removed due to one character’s “hacking magic” that is never explained or even referenced. Mr. Robot is quite different in its execution.
In fact, in a recent Reddit AMA, Costin Raiu, general director of Kaspersky Lab’s Global Research & Analysis Team commented on the credibility of the show in reference to real-world threats and attacks, saying
“Most of the scenes are top class and the usage of tools, operating systems and other tiny details, from social engineering to opsec is very good. I guess having help from some real world security experts (the folks at Avast did a great job! - https://blog.avast.com/2015/06/25/are-the-hacks-on-mr-robot-real/) helped. I particularly enjoyed some of the quite realistic scenes, such as the poor developer who can’t help fixing the broken Bitcoin bank and the parking lot USB key attack.
That’s right, the show is utilizing real cybersecurity firms to keep everything grounded in reality. In fact, the show writer and technology producer of the show, Kor Adana, was a network security analyst and forensics manager prior to getting his break in Hollywood. Wired took a detailed look into the heavy hitters behind the camera, and found that Adana’s team was made up of world-class IT security experts—many with backgrounds in hacking as well. Among those on Adana’s team are
- Marc Rogers, veteran hacker and head of information security at Cloudflare.
- Ryan Kazanciyan, who is chief security architect at the security firm Tanium
- Former FBI agents Andre McGregor and Michael Bazzell
For a deeper look into the process, I highly recommend Wired’s article, which describes the entire approval process for the hacks on the show; the technology team are so committed to accuracy that hacks are often demonstrated in order to be used.
Shows like Mr. Robot are important to us in the IT community because it shows a fundamental shift in the way that our culture is looking at cybersecurity. In the past few years, it has risen to the front of our consciousness as a fascination and a threat. In the past decade, our immersion into technology has left the workspace and the home office to exist alongside us virtually every moment of the day, and interconnectedness has taken new meaning with smartphones giving way to cloud-enabled, AI-capable data collecting devices in every facet of our public and private lives.
It should come as no surprise that exploits and threats to our new technological infrastructure—and the effects that now reverberate to our personal lives—are a legitimate concern. The show featuring a hacker capable of breaching networks every day civilians are dependent upon is the new train heist film. A threat within the zeitgeist for a new century and a new generation, and one we can now associate with real-world, personal loss.
Cybersecurity has become a major focus of the IT world in the past few years, and that trend is not going away. Managed IT Services Providers need to start thinking and planning now for the next generation of security services and tools that will be able to safeguard their clients against the very real threats that exist, and will continue to exist, in today technological landscape. We need to think ahead of shows like Mr. Robot and prepare ourselves and our client base for how to do business under a more complex set of security concerns. After all, if a realistic look at cybersecurity has already become part of our entertainment, the next threats may be less obvious, more insidious, and stranger than fiction; we’ll need be prepared to meet them.