We all know the stereotypical movie hacker when we see one. Films and TV shows are notorious for their terrible portrayal of hackers. You've probably watched scenes where some hacker furiously types on a keyboard while flashy boxes and code strobe the screen, paired with fast-paced music to raise the tension. These hackers say things like "we're in" or "I don't play well with others". That's not what real hacking looks like.
In 2015, the TV show Mr. Robot changed the game with its authenticity. It has even won praise from real-life hackers for its technical accuracy. Now, I know we are a little late to the party. The show has been out for six years, and we have only just started watching it. But damn, we are so glad we did! We've been able to binge-watch three seasons in a few evenings on Prime Video.
If you're a fan of Mr. Robot, you might be wondering, are the cyber-attacks in the show possible? Yes, the cyber-attacks in Mr. Robot are entirely plausible. However, it's no secret that they have been tweaked to make the show more interesting. So, what should IT professionals be doing to stop Mr. Robot-scale attackers?
Today, we are going to look at five ways you can stop hackers like Mr. Robot in real life:
1. Distributed Denial-Of-Service Attacks
DDoS Attacks or Distributed Denial-of-Service Attacks are featured frequently throughout the first three seasons of Mr. Robot. A DDoS Attack is a cyber-attack where a server, service, website or network is flooded with Internet traffic. The hacker is trying to overwhelm the target (for example, the server) and render it inoperable.
There are three common types of DDoS Attacks:
- Volumetric - Volumetric Attacks flood a machine's or network's bandwidth with false data requests on every available port.
- Protocol - Protocol Attacks target the protocols used in transferring data to crash a system.
- Application - Application Attacks target weaknesses in an application.
DDoS Attacks can be catastrophic for any business, and you can't afford to be unprepared for such a debilitating attack. Therefore, you need to have a Denial Of Service Response Plan ready in case of a security breach so your organisation can respond as quickly as possible.
The Denial Of Service Response Plan should document how to maintain business operations if the DDoS Attack is successful. It should also cover a trained response team, a systems checklist, detailed escalation procedures and a communication plan for your stakeholders, customers and vendors.
You should perform a Network Vulnerability Assessment and identify the vulnerabilities in your networks before a hacker does. This assessment will help you patch up your infrastructure in preparation for any cyber security threats.
What are the early warning signs of a DDoS Attack? You will have slow access to files, your website will be shut down, and you will get excessive spam emails. These are all symptoms of a DDoS Attack. If this happens, then the organisation should investigate.
2. Social Engineering
Social Engineering is a big part of a hacker's toolbox. It is often used to get information or access in preparation for a much larger attack. Social Engineering is the art of manipulating people so they give up confidential information. The most vulnerable element of any system is the human element.
Hackers can trick you into giving them your passwords, banking information or even access to your computer to install malicious software. In the first season of Mr. Robot, F Society implemented Social Engineering techniques to breach a Data Security Facility called Steel Mountain.
Social Engineering Attacks such as Phishing have always been a popular method used by hackers to trick victims into surrendering sensitive information such as login credentials. Most organisations use email security to block Phishing Attacks; however, hackers are becoming more and more sophisticated with their techniques. It's usually a high-reward strategy for retrieving user credentials.
You must be cautious, apply common sense and validate emails when appropriate. In addition, employees and IT Departments should be made aware of unexpected requests. You should always delete any request for financial information or passwords. If you receive a request for help from a charity or organisation with which you do not have a relationship, delete it. You need to set your spam filters to high and secure all of your devices with anti-virus and firewalls.
3. Insider Threats
In Mr. Robot, Angela Moss shows us that Insider Threats can be especially dangerous when she abuses her access at E Corp to steal sensitive information. Hackers will work hard to penetrate the organisation, but it's much simpler for someone on the inside. Insider Threats have authorised access to computer systems and networks that can cause harm to the business. Insider Threats manifest in various ways, whether that's through violence, espionage, sabotage, theft or cyber crime.
Insider Threats can happen in any sector or organisation. The Insider Threat is often a current or former employee, third-party contractor or business partner. Here are some ways you can mitigate Insider Threats in your organisation, regardless of its size and maturity level:
- Control Remote Access From All Endpoints - You should deploy and properly configure wireless intrusion detection and prevention systems, as well as a mobile data interception system. Regular reviews should be conducted to determine whether employees still require remote access. If a staff member leaves the organisation, then remote access should be terminated immediately.
- Identify Assets And Prioritise Risks - You need to determine where your valuable assets reside and who can access them. Then, you can prioritise the risks and continuously enhance your IT security infrastructure according to risk priority.
- Document And Enforce Policies And Controls - All security software solutions and appliances should have their own management policy and configuration documentation. You should work alongside HR to create policies for nearly every employee interaction with the IT environment. It's important to document what actions will be taken if a policy is violated and your investigation identifies the culprit.
4. USB & Bluetooth Hacks
In Mr. Robot, the main character Elliot Alderson is forced to change prison records to save his new girlfriend Shayla Nico. Elliot drops a load of infected USB sticks around a Police Department car park. The goal is for one unsuspecting Police Officer to plug a USB into their work computer, granting Elliot remote access to the Police Department's data.
All it takes is for one person to give you a malware-ridden USB stick, and just by plugging it into your computer, you're infected. In addition, hackers are now using cords such as USB cables or mouse cords to inject malware. So you should always be careful when you are plugging anything into a work device.
Hackers can also use advanced software that automatically detects nearby devices connected to Bluetooth. Then, they will proceed to infect your device with malware. In some instances, this method can be successful without needing to be paired with the device. If your device is compromised, the hacker can intercept or redirect phone calls, access banking information and spy on you in real-time.
To stay safe and prevent USB attacks, you should keep your personal and work-related USB sticks separate. If you don't know where the USB stick came from, then don't use it. There are ways to disable autorun features on your device, which will prevent any unknown files from launching on it without your permission. If you have already plugged a harmful USB into your device, disconnect it from the Internet and restart the device immediately.
So how do you avoid becoming a victim of Bluetooth hacking? First, you need to get into the habit of disabling Bluetooth on your devices when they are not in use. Then, you need to turn off any file-sharing services that rely on Bluetooth, such as Airdrop, unless you are transferring files from a trusted source. Finally, an antimalware app can be installed on your Bluetooth-enabled devices. If a hacker does attempt to break into your device, the app will block all suspicious activity and keep your device protected.
In Mr. Robot, Elliot Alderson hacks everyone in his life. But, if you have ever attempted to crack a password, you'll understand it isn't exactly straightforward. Cracking is a technique used by hackers to breach software or an entire computer system. Here are some of the different types of attacks:
Remember every sign up you've ever done telling you not to use 'password' as your password? Not to use words? That's because of Dictionary Attacks. Dictionary Attacks go word by word through the dictionary, hoping a user has a word as their password. Oh, and don't expect using multiple words to be very effective against this kind of attack - they run through those as well. But, with a computer dedicated to cracking passwords, it won't take long.
Brute Force Attack
When chewing up a dictionary doesn't do the trick, it's time to move along to the next stage, a bigger dictionary. Brute Force Attacks target dictionary words and non-dictionary words. They move through number and word combinations, so a password of "passw0rd" isn't going to stop hackers. However, from the hacker's perspective, Brute Force Attacks are slow and extremely heavy in processing power requirements.
Companies don't store passwords as plain text for anyone to read. Instead, passwords are converted into hashes - the numeric value of an encrypted password. So if a hacker wants to find the numeric value for your password using a Rainbow Table, they will quickly find it if the password's numerical value is already recorded.
To defend against these attacks, programmers can add 'salt' to the algorithm, which will ensure a much safer password. This essentially adds extra random digits to the password to make it more uncommon and unlikely to show up on a rainbow table. As a user, however, you can aim to be as unique as possible in your password choices to limit the possibility of your password hash already being available online. It may not stop someone from cracking your password, but it may prevent you from being the chosen target if hackers attempt to break into as many different areas as possible.
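To make the salt point concrete, here is an added example (not code from the original article) that stores the same password with and without a salt and checks each stored value against a precomputed lookup table. The password list, function names and the PBKDF2 iteration count are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple

# Constructed sample data: a tiny stand-in for a precomputed (rainbow-style) table
# that maps known unsalted hashes back to the passwords that produced them.
COMMON_PASSWORDS = ["password", "passw0rd", "letmein", "qwerty123"]
PRECOMPUTED = {hashlib.sha256(p.encode()).hexdigest(): p for p in COMMON_PASSWORDS}

ITERATIONS = 600_000  # assumed work factor; tune it to your own hardware


def unsalted_hash(password: str) -> str:
    """Weak storage: the same password always produces the same hash."""
    return hashlib.sha256(password.encode()).hexdigest()


def salted_hash(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Hardened storage: random per-user salt plus a slow key-derivation function."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest


def verify(password: str, salt: bytes, stored: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    _, candidate = salted_hash(password, salt)
    return hmac.compare_digest(candidate, stored)


def table_lookup(stored_hex: str) -> Optional[str]:
    """A precomputed table is just a lookup: no guessing is needed on a hit."""
    return PRECOMPUTED.get(stored_hex)


if __name__ == "__main__":
    # Unsalted: the stored value is found in the table straight away.
    print("unsalted lookup:", table_lookup(unsalted_hash("passw0rd")))
    # Salted: two users with the same password get different stored values,
    # and neither value appears in the table.
    salt_a, digest_a = salted_hash("passw0rd")
    salt_b, digest_b = salted_hash("passw0rd")
    print("salted lookup:  ", table_lookup(digest_a.hex()))
    print("digests differ: ", digest_a != digest_b)
    print("login still ok: ", verify("passw0rd", salt_a, digest_a))
```

The salt is stored next to the hash; it does not need to be secret, it only needs to be different for every user.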
In short, passwords are only as secure as we make them. Users who underestimate the risks and choose weak passwords open the door to security breaches. Have you ever wondered why websites require a minimum of eight characters in a password? The reason is that the longer your password, the more time is needed for a hacker to crack it. We understand password security measures can be frustrating, but they are based on mathematics and designed to help protect you. When creating a new password, use a combination of upper and lowercase letters, numbers and symbols. Stick to long passwords (around 20 characters) with various characters, numbers and cases. It will ensure robust online security for years to come.
Not Every "Hack" Is Bad, And Not Every Hacker Is A Criminal
How do you protect your organisation from Mr. Robot? You need to think like a bad guy. A Certified Ethical Hacker (CEH) is a skilled professional who can look for weaknesses and vulnerabilities in target systems and use the same knowledge and tools used by malicious hackers. Our wide range of training courses will help you build fundamental to advanced Cyber Security techniques:
Certified Ethical Hacker (CEH)
Managing Cyber Security Risk
Certified In The Art Of Hacking
Certified Cyber Security Foundation
Certified Cyber Security Practitioner
Certified Cyber Security Combined Foundation & Practitioner
CISA - Certified Information Systems Auditor
CISM - Certified Information Security Manager
CISSP - Certified Information Systems Security Professional
CISMP - Certificate In Information Security Management Principles