Mr. Robot Gets Hacking Right. Here’s How

By on Jul 20, 2015

If you have an interest in cybersecurity and popular culture, do yourself a favor now: go watch Mr. Robot, USA Network’s latest original series. It’s a show about hackers, political intrigue and the nature of power, but more than that, it’s great television.

If you’re still on the fence about committing to a 45-minute show, here’s what you’re missing out on: a great physiological drama that uses hacking as a means of telling a story, rather than playing up hacking as a task as simple as slamming on keyboards to instantly crack codes.

The overarching plot of the series, so far, is this: Elliot Alderson—cybersecurity engineer by day, vigilante hacker by night—is recruited by an elite hacker group called “FSociety” to help take down E-Corp, a conglomerate said to own most of the world’s debt. Elliot works for a struggling company employed to protect E-Corp from hackers like FSociety. FSociety’s goal is to eliminate that debt’s data in particular, in an effort to free countless people from debt payments. This conflict puts Elliot in the center of a moral battlefield. All fine and good as far as plots go, but it’s how Elliot—or Mr. Robot—pulls off the small details that makes it stand out.

Let me explain.

Over the course of the pilot episode, E-Corp suffers what’s called a Distributed Denial of Service, or DDoS, attack. This attack is a type of malicious activity that floods an organization’s servers with so much traffic that legitimate visitors can’t gain access to a network. It’s a bit like the highway rush-hour: everyone’s packed in and no one is going anywhere, but in this case the majority of cars are driverless.

As an aside: DDoS attacks are relatively common. They’re fairly poorly-executed attacks often used by pretty low-skilled hackers, simply wanting to knock a website offline in order to gain attention. However, in the right hands, DDoS attacks can be harbingers of far more serious, far more troublesome attacks.

And that’s exactly what happens.

Elliot is brought in to stop the DDoS attack and does. In the course of doing so he discovers the attack is a vehicle for a more serious attack: a root attack. A root attack (or rootkit) a stealthy sort of malicious program that both a) hides its presence extraordinarily well on a system and b) grants the cybercriminal privileged access to a computer or network. In this case, the attack threatens to infect multiple E-Corp servers and Elliot, again, is tasked with stopping it.

After an intense scene, Elliot succeeds. But it turns out the attack is more of a message—a message for Elliot hoping that he’ll join FSociety in taking down the very company he’s employed to protect. I’ll let you tune in to see the rest.

What I like about Mr. Robot is that it clearly presents actual cybersecurity techniques and issues, in a way that is digestible for viewers unfamiliar with them. Yes, sometimes cybersecurity engineers play both sides of the field for both good and ill; yes, Tor, a network allowing its users to browse the Internet anonymously, can be broken. There’s no one that stops and explains these things to the viewer, but all presented concepts are easy to understand regardless.

While there are some inaccuracies, they are almost always in service of plot. Like I said about Blackhat: one of the most difficult things to translate onscreen is an appropriate sense of time. It takes a lot of time for some programs used in cybersecurity to perform tasks. It also takes a lot of time for hackers to do the research, planning and execution to make successful cyberattacks happen. It takes months of planning and monitoring for cybercriminals to execute every successful breach you see in the news.

Mr. Robot also hits the nail on the head around hacktivist mentality—hackers who hack for apparent social justice causes. A lot of hackers don’t see themselves, or their actions, as criminal. Some believe that they’re righting wrongs by compromising and exposing secrets. And in some cases, as we see with Elliot in the first few minutes of the pilot, they do just that. But a natural conflict arises when innocent people get caught in middle. It makes for a good story.

Overall, I think Mr. Robot is likely the closest we’ll get to an accurate portrayal of hacking on television. Cybersecurity may not be the most glamorous line of work, but it can be very intriguing.

For more articles and insights, stay on top of the latest consumer and mobile security threats by following @McAfee_Home and myself on Twitter, and Like us on Facebook.

About the Author

Gary Davis

Gary Davis was previously McAfee's Consumer Security Evangelist providing security education and advice to businesses and consumers. He is a sought-after speaker on trends in digital security, appearing at conferences and events, as well as security and consumer lifestyle broadcast outlets and publications such as ABC, NBC, FOX, the Wall Street Journal, USA Today, Money ...

Read more posts from Gary Davis

Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe to McAfee Securing Tomorrow Blogs