From WarGames to Mr. Robot: when hackers take over the big and small screens
The hacker has been a recurring character in films and television for a while now. Production companies fictionalize very real cyber risks, which are often countered in a very Hollywood-like manner. To make the return from the summer break a little easier, inCyber has put together a short collection of films and series in which the keyboard is a weapon.
The hacker, as portrayed by Hollywood, nearly sets off World War III, plunges an entire country into chaos, pulls off elaborate bank heists, embodies a modern-day Robin Hood, saves the world or steals state secrets. An essential component of our lives, cybersecurity was bound to end up on the big and small screens… oftentimes with whimsical twists and pyrotechnics that have little to do with computers.
Cinema and television are indeed always on the lookout for original subject matter, but they don’t necessarily deal with it in an original or realistic way. After all, blockbuster audiences have more appreciation for special effects and big brawls than they do for the subtle and often tedious art of penetrating or defending a computer system.
For instance, the fourth instalment of the Die Hard movies (2007) is based on a relatively plausible scenario at the start: hacking the systems controlling utilities, transportation and telecommunications in the United States, with the stock market and the FBI as a bonus. The idea is all the more realistic as the brains of the operation is none other than a former head of computer security for the federal government, who had warned of the systems’ vulnerabilities, in vain. Yet this is a John McLane (Bruce Willis) movie, and federal CISOs are not the ones to stop the attack with patches and counter-measures. The badass cop is, with his guns and fists.
Keyboards and big guns
To be sure, he is squired by Matt Farrell (played by Justin Long, the “Mac” from the famous “Hello, I’m a Mac” commercial), a young hacker who plays the brains of the duo, but screenwriters are more insistent on cars crashing into helicopters than they are on neutralizing worms.
The same overindulgence in pyrotechnics and violence is found in Swordfish (2001), which portrays a heist against a CIA espionage backdrop. The film is a cliché of the genre: the hacker must get into a secure network in record time, his eyeballs bulging, frantically typing, with lines of code and instructions flashing up on the screen. The filmmakers lay it on thick, as Stanley (Hugh Jackman) must accomplish this feat with a gun to his head and a woman on her knees… doing her best to distract him. Subtle. The film uses a classic screenwriting trick: in order to carry out their cyber wrongdoing, the robbers must gain physical access to a specific computer, oftentimes well protected.
The same method is used by Brian de Palma in the first Mission Impossible (1996). Ethan Hunt (Tom Cruise) recovers confidential files from a highly secure computer room, while dangling from an air vent by a rope. Whereas the room itself is full of biometric security checks and censors (air pressure, temperature etc.), giving the agent a hard time, the computer seems to be in free access and Hunt can copy the files onto the floppy disk without any trouble! Nonetheless, through its sober yet dramatic intensity, this scene would become immortal.
Stuxnet in the spotlight
And if no scene from Hacker (2015) reached this level of fame, it’s probably because the film wasn’t great, as testified by its box-office bomb. Yet, unlike many in this genre, Michael Mann, its director, made a real effort to make the film credible in the cyber department. The movie starts off with a cyberattack that triggers an incident in a Chinese nuclear powerplant, which is directly based on the Stuxnet worm attack against Iranian nuclear sites. “RAT” (Remote Access Tool), “payload” and “zero-day” are peppered into the dialogue. The cybercriminals use proxies, infiltrate EdgeRouters to achieve their ends, and use phishing… even though the latter remains unconvincing, as it is rather perfunctory. Finally, the Nicholas Hathaway character, played by Chris Hemsworth, is based on the story of Stephen Watt, who wrote the code that enabled an accomplice of his to steal 135 million credit card numbers from TJX companies. After serving his two-year sentence, this 6’9” peaceful giant is now a computer security consultant.
Despite its effort in realism, the film didn’t trigger any reactions from the authorities, which was actually the case with Matrix Reloaded ! Admittedly, Scotland Yard’s Computer Crime Unit and the British Computer Society were unmoved by the revelation of the nightmarish world we supposedly live in, according to this sci-fi screenplay from 2003.
When Scotland Yard reacts to Matrix
However, these two venerable institutions highlighted a scene in which Trinity (Carrie-Anne Moss) hacked a powerplant using N-MAP, a vulnerability detection tool, citing it as an example of a “criminal act that should not be replicated”.
Nonetheless, the award goes to one of the oldest hacker films: WarGames (1983). A young and gifted hacker unwittingly accesses a military supercomputer programmed to simulate and predict nuclear war scenarios. Believing he has hacked into a videogame company’s computers, he launches a nuclear war simulation with the USSR… which nearly becomes a reality. Riveting and grounded in the angst of its time, the film found success beyond movie theaters. Well-researched, it sheds light on the dangers of computer networks, six years before the World Wide Web was created: the film is the reason why Congress enacted the Computer Fraud and Abuse Act.
While David Lightman’s character is young, as hackers often are, he does not have the traits often associated with hackers as seen by Hollywood: antisocial, uncomfortable in his own skin, too skinny or too fat, sci-fi or fantasy obsessed. The opposite is true, however, in Mr. Robot (2015-2019), broadcast in France by Netflix. A depressed, morphine-addicted computer nerd suffering from paranoid and dissociative identity disorder, Elliot Anderson (Rami Malek) feels he cannot meet people unless he first hacks into their computer accounts.
When subversion and hacking go hand in hand
His life takes a decisive turn when he is approached by “Mr. Robot”, leader of the FSociety anarchist hacker group. The latter intends to take on the E. Corp conglomerate in order to redistribute its wrongly acquired wealth.
The series is nonetheless a success. This is true stylistically, with a rich and complex plot and a number of filmmaking references: the hero’s mental disorders echo those of Tyler Durden in Fight Club (1999). Relying on the expertise of Kor Adana, an ethical hacker, the series is impressively faithful to the methods used at the time. All the tools are mentioned, from DeepSound to John The Ripper and FlexySpy. They get their supplies from the Dark Web, which is rarely mentioned on our screens. The hackers also use social engineering in an intelligent manner to achieve their ends.
As far as substance goes, the series’ social commentary hits the nail on the head, echoing the Occupy Wall Street movement from the early 2000s. The series also condemns the digital hold over our lives, a theme that is just as relevant today.
Speaking of which, we cannot conclude this article without mentioning what has become a cult series: Black Mirror (2011-2019), which was also broadcast by Netflix. Each episode shines a light on the potential drifts of existing or projected digital technologies: social networks, virtual reality, neuronal implants, videogames, drone swarms… Only one of its episodes deals with hacking, Shut up and Dance (episode 3, season 3). After accessing their accounts, hackers blackmail a group of people to make them carry out increasingly dangerous tasks. As in the other episodes, the technical part isn’t very detailed, even though it remains credible (with a measure of anticipation in some cases), as the series chooses to focus instead on the consequences of these projected technologies for Man. This aspect is seldom broached in films about hackers, but it allows us to take a step back from our already very digital lives.
- Cyber industrial safety
- Security and Stability in Cyberspace
- Cyber risks
- Operational security
- Antifraud action
- Digital identity & KYC
- Digital Sovereignty
- Digital transition