1995 saw a series of films come out about the internet, hacking, and cybersecurity. We don’t really get that in film right now. Why? It isn’t new and interesting or on the cusp of a burgeoning cultural moment. We experience all the issues daily.
Who is impacted by a cybersecurity incident? Everyone likes to think “not me!” (like with every risk, cyber or not), but that’s hardly the case.
Personally and professionally, with everything being digitized, both areas of your life is at risk. Cyber events are both direct or indirect attacks where you suffer or suffer by virtue of the fact someone else is suffering. Your personal information is stolen and you become a victim of identity theft. Businesses have issues of having their systems locked so they can’t service clients or they have information stolen so their reputation is in tatters. Infrastructure is constantly being tested, from the financial institutions to water treatment facilities.
There is a reason critical infrastructure (of which there are 16 different sectors) is guarded with business continuity – failure would be a grave risk to national security.
See what I mean when I say there is no reason to make this up to scare us? But what was scary – and still can be? Let’s take a stroll through the film archives of 1995 to illustrate some points.
Sandra Bullock starred as a cybersecurity specialist in “The Net”. The issues here were two-fold: how easily chaos can be manufactured with crashing the stock market, messing with air traffic control, and making the lights go out in Atlanta; and how much of our lives are accessible via the internet…which is not a novel idea anymore.
Sandra’s character’s plot twist is different – her identity isn’t stolen for use by another, it’s wiped out and replaced with bad qualities making her ability to get help impossible. All of this because Sandy stumbled upon the plans to create the above infrastructure havoc (the villains here targets 3 critical infrastructure sectors in one-fell swoop).
The suspense acts in this thriller are possible, and acts like those in the plot are getting tested every day. A recent example of a current attack on critical infrastructure comes from 2021. An alert employee at a Florida water management facility thwarted a cyberintrusion where a hacker changed the levels of lye used to make potable drinking water to dangerous levels. Lye, in large amounts, is corrosive to human tissue. There were safeguards in place even if it wasn’t caught in the moment, but it has become a proof of concept: this can happen.
Why did this happen, then, if critical infrastructure does business continuity? Well…some critical infrastructure management is privatized and the more local it gets, the less money there is for proper cybersecurity and business continuity planning.
Another movie aligns with the idea of hacking as a trade skill, used for good or evil. “Hackers”, an early Angelina Jolie film, demonstrates what good hackers can do: protect and defend. For the film, they are hobbyists and explore to see what they can access and find. The bad guy cyber type in this feature is Fisher Stevens who works for a corporation and uses his skills to exploit his employer for personal gain. How? Using a virus that siphons off money and deposits it into an account (like the one the movie “Office Space” did years later). If the scheme fails, there are disastrous consequences, which Jolie and team stop.
Ethical hackers would be similar, in that they access network security systems looking for weaknesses and vulnerabilities that can be exploited. There are limitations in what ethical hackers can do – they are timed limited where malicious hackers are not. Ethical hackers also have scope constraints and restrictions on their methods (can’t crash a system, for example, with a DoS attack) that malicious hackers can do.
Hollywood made a series of movies (there are plenty more) in the mid-late 90s about cybersecurity issues. It’s a good reminder that what was dreamed up as fanciful ideas are reality and still very much fodder for a suspense thriller…it’s just not new, which makes it, sadly, less interesting.
留言