Geeks for your information

A modern take on the movie Hackers
Quote:

To mark the film’s 25th anniversary, we examine Hackers in terms of modern information security.

Several common misconceptions hinder the widespread adoption of cybersecurity culture. One myth — hackers are really smart, so it’s pointless to fight them — was popularized in particular by the movie Hackers, released exactly a quarter of a century ago. The movie gave rise to a set of clichés still employed by the film industry.

Indeed, the movie’s misfit heroes and their adversary, Plague, an infosec expert at Ellingson Mineral, are portrayed as highly intelligent geeks able to find and exploit vulnerabilities in any information system.

For example, the main character is equally at ease breaking into a school database and a cable operator’s network. Phantom Phreak makes calls from payphones to Venezuela without paying a cent. Even Joey, the group’s youngest and least-experienced hacker, manages to gain access to the Gibson supercomputer at Ellingson Mineral. It all looks quite impressive (for 1995) but let’s take a closer look at the crew’s accomplishments.

Hacking a TV station

The protagonist, Dade (aka Crash Override), breaks into the network of a TV station to replace a dull show with something more captivating. He does so by calling the night guard, posing as an accounting employee who needs access to his computer, and asking the guard to read out the phone number on the dial-up modem.

On the one hand, it’s basic social engineering. On the other hand, it’s lunacy on the part of the company — and I’m not even talking about the haplessness of the guard. Why is the accountant’s computer on the same network that controls the broadcast? Why does it have a modem constantly waiting for an incoming call? Why is the phone number written on the modem?

While that intrusion is going on, it turns out another hacker is already inside the company’s network: Kate, aka Acid Burn. How did she get there? Well, the company probably has other computers with exposed modems.

Hacking Gibson

Novice hacker Joey breaks into the Gibson supercomputer. That is, he logs in through a modem from home using the head of PR’s super-secure account password, god. That’s despite every character in the movie (including said head of PR and Plague, who is responsible for the company’s security) knowing that the most common passwords in this flick’s reality are love, secret, sex, and god. What’s more, the head of PR has superuser rights for some inexplicable reason.

All told, the hackers’ “great” achievement is less about ingenuity than corporate fecklessness.

Plague’s skullduggery

The movie’s plot revolves around the cunning scheme of the hacker Plague, who works at Ellingson Mineral. He writes a piece of malware to salami-slice a few cents off every company transaction, and transfers the proceeds to a secret account in the Bahamas. That might have been an original plotline had a similar scheme not been deployed 12 years earlier in the movie Superman III. For some reason, everyone describes the malware as a worm, although the film says nothing about its distribution and replication.

Based on that information, can we really consider Plague a cybercriminal genius? Hardly. He heads information security at a company where no one apart from him has the first clue about the subject. And he’s in cahoots with the head of the PR department, effectively giving him carte blanche? It’s an insider attack; the problem is not so much a lapse in cybersecurity as the company’s recruiting policy.

Da Vinci virus

When Joey accidentally downloads part of the “worm,” Plague launches a virus (again, it’s not clear if it actually is a virus, or whether the writers just liked the sound of what in 1995 was a new term for most moviegoers) by the name of Da Vinci. The malware seizes remote control of the target company’s oil tankers with the potential to capsize them by pumping water into the ballast tanks. In fact, though, the “virus” is a red herring.

Plague is simply using it to (a) divert attention from the money-grabbing “worm,” (b) accuse Joey and pals of hacking into the company and ultimately blame them for the “worm,” and (c) turn them over to the Secret Service, get inside Joey’s computer, and find out what information has leaked — not to mention buy time for the malware to siphon off more cash.

In fact, such a “virus” is way too futuristic for that time. For a start, the very idea of a seagoing vessel in 1995 being permanently connected to the operator company’s navigation systems is crazy. First, the Internet is not needed for navigation either today or back then; the GPS system was already fully operational and available to civilians.

Second, for a ship to have been constantly online in the mid-1990s plays fast and loose with reality. Data transfer by satellite didn’t exist then; it would have required a permanent — and prohibitively expensive — modem connection over a voice line.

Moreover, tankers (which could be classified as critical infrastructure) do not have backup manual systems for ballast water injection control. The process is fully computerized. For that matter, a computer is perfectly capable of failing even without malware. In short, for the Da Vinci virus to work, someone would have had to lay the long and laborious groundwork to sabotage the merchant vessel, including at the stage of ship design.

Preparing for the showdown

The protagonists decide to stop the dastardly Da Vinci and obtain the full code of the “worm” to find out where the stolen money is being transferred. Their preparations are nothing if not thorough. But here the movie begins to go off the rails.

The hacker Cereal Killer impersonates a telephone company employee, infiltrates the building of the US Secret Service, and plants a bug there. (Why none of the employees, supposedly professionals, suspects a teenager in saggy pants is a mystery, as is his off-screen punishment.)

Dade and Kate sift through Ellingson Mineral’s trash and steal some papers. That bit’s believable — even today not every company monitors how and where its garbage gets chucked. But a perusal of the trashed documents handily serves up 50 passwords that can be used to penetrate the corporate systems. More a gusher than a leak.

The final battle for Gibson

The main characters ask the hacker community for help, and together they bombard the supercomputer with viruses. At this point, the film has finally lost all connection with reality. Unfortunately, we know nothing about the architecture of Ellingson Mineral’s information systems, and therefore can’t quite work out how a throng of attackers can simultaneously connect to Gibson, upload an assortment of viruses, and download the “worm.”

It is not even clear whether they acted over the Internet or somehow connected directly to the company’s internal modems. In any case, Plague somehow pinpoints the source of the attacks.

At this point, the curious phrase “Multiple GPI and FSI viruses” is heard. GPI stands for General Purpose Infectors, a long-outdated name for viruses that can be embedded in any executable file. FSIs, or File Specific Infectors, are viruses that target files of a certain format. In other words, the phrase basically means that the security team can see a lot of viruses.
...