
Blackhat movie: The Good, the Bad, and the Ugly

Maria Korolov | Feb. 3, 2015
If you still haven't seen the new Michael Mann movie "Blackhat," with Chris Hemsworth playing the lead, you won't be getting any new insights into how hackers work.

Maybe movie criminals do business with different kinds of banks, but in my experience, wire transfers require paperwork, a lot more information than just the destination bank account, and take a couple of days to go through.

Though I do have to give this bank props for not transferring the money one dollar at a time, the way most other movie banks seem to do, while showing a progress bar and a convenient "abort" button that makes the money go back again — but also one dollar at a time.

Meanwhile, the NSA has been upping its security as well. The system Hathaway was after should have been a lot harder to get to.

"Such a system would not be on the Internet with just user name and password authentication," said Schmidt. "Even if the system was connected to the Internet, some strong authentication would be required. The fact that our hero could just log into the system from China via the Internet, that would not happen."

Good: The terminology was real

Thanks to the consultants who worked on the movie, there was a lot of accurate terminology, from the Unix code used, to the discussions of remote access Trojans and Onion routers, to the programmable logic controllers.

When Hathaway communicates with the bad guys, he does so through a server.

"He's on a Bash shell, that was real," said Derek Manky, global security strategist at Sunnyvale, Calif.-based Fortinet Inc. "That was pretty surprising to me that they used real commands and that was a real way to communicate. Other movies don't use that — it's usually fantasy interfaces with messages that pop up on the computer."

The IP addresses weren't realistic — some of the numbers went above 255.

"But I'm pretty sure they did this intentionally, not to advertise anyone's IP addresses," Manky said.

Bad: Real hackers prefer IRC

The Unix write tool is old-school terminal-to-terminal, said Schmidt.

"It's not totally off-base, but it's not the tool that the bad guys and good guys use to talk in real life," he said. "It's almost always over IRC."

IRC — Internet relay chat — allows for both group discussion channels and private messages, and, though it dates back to the early days of the Internet, back before the Web, it is still being used for communication.

"IRC is a great way to do that anonymously and pseudoanonymously," said Schmidt. "Most of the big botnets, their command and control leverages IRC. When you're negotiating a ransom, it's almost always over IRC ... and nowadays over Twitter."

Ugly: Banks aren't people?

Hathaway is the movie's protagonist, so there's always an excuse for what he does. He robbed banks because he couldn't get hired with a conviction on his record. And, as he points out in the movie, he didn't steal from people. Just banks.

 
