A Realistic Look at Cybersecurity Movie Moments
For National Cybersecurity Awareness month, we take a look at different cybercrime scenarios from recent movies and add some real-world insight. While Hollywood doesn’t always hit the nail on the head with their depictions of cybercrime and security, but the kernels of truth in their fiction inspired us to dig deeper. Some of these movie moments can lead enterprises and regular users to keen insight and useful security solutions.
A former CIA agent was able to access secure files through an old stolen laptop.
Over the past few years, we saw a string of massive, high-profile data breaches, from the recent Yahoo mega-breach to DropBox and LinkedIn breaches that exposed millions of users’ private information. As corporate entities collect and store more valuable data, the possibility that they become a data theft target grows as well. But, contrary to popular belief, the principal threat doesn’t come from outside actors.
According to Follow the Data, Trend Micro’s research into a decade of data breaches, old and unformatted devices and stolen devices are the most common causes of data breaches. Device loss accounts for 41% of all breaches compared to the 25% caused by hacking and malware.
Enterprises have to institutionalize stricter policies with the devices used by members of the organization—give employees the least level of privilege that their role or task requires. Enterprises should also make sure that laptops, smartphones and any other device is properly formatted before disposal. There have been instances of cybercriminals buying pre-used devices and recovering the stored data. The best way to get rid of old devices safely is to physically destroy the drive, or use professional services
In this scene,the character Q, the brains behind James Bond, plugs a criminal’s laptop into the M16 system. It proceeds to infect the organization’s entire network.
After the laptop is plugged in, malware is installed and spreads throughout the entire network. A few minutes later, the criminal was able to open automated doors, steal files and disrupt operations. Is it even possible?
Yes, the scenario is entirely possible, but not as dramatically—and very unlikely for organizations that invest in security and intelligence. It could happen if every system in an organization is connected to a single network, malware that infects one computer can spread throughout all the machines on the network—including any servers and possibly even data storage centers. And since many organizations work with different kinds of data that are accessed on their network (on and off their premises), this particular scenario is something they have to prepare for. Most companies already have enough stopgaps to make sure this doesn’t happen, with security solutions that can monitor network traffic and identify advanced relevant threats, or network solutions that limit the damage of malware.
Network segmentation is an effective solution that helps prevent data breaches and minimize the damage of disruptive malware such as ransomware. By creating different networks for machines with similar functions or endpoints in a larger environment, the system helps secure enterprise data, gives IT administrators better visibility of the virtual corporate environment to protect and monitor threats, and makes it harder for attackers to compromise the entire network. But it isn’t a silver bullet—network segmentation should be complemented by defense against malware and exploited vulnerabilities, as well as solutions that can detect suspicious movements within the organization's network.
A mobile game player suffers the consequences when the game abuses permissions
When it comes to popular games, many users don’t hesitate to click accept to give the game all the permissions and personal information it asks for—from GPS location and banking details to contact lists. While this affects users primarily, enterprises aren’t immune to this problem. Connecting to corporate networks with personal devices isn’t a new trend, but it does pose a security risk. If not properly implemented, careless users synched to enterprise networks through Bring Your Own Device (BYOD) programs can expose corporate data to other entities.
In the movie, the game uses information mined from their social media to tailor ‘dares’ suited to player’s personalities. Players who try to leave the game then find that their personal information is used to keep them playing. Their bank accounts emptied, their private photos leaked, and jobs were compromised—all using the information they handed over when they first started to play the game.
This is an obviously exaggerated scenario, but the dangers of abused permissions are real. Mobile users should be careful of the personal information they share, as well as the permissions they grant. It’s not just about individual safety and privacy, but also an issue that has the potential to affect entire organizations. Enterprises should embrace solutions that balance the productivity of a BYOD program with adequate security. A reliable mobile security solution can safeguard employee privacy as well as company data, while effective mobile device management (MDM) allows enterprise IT teams to set policies governing device usage. To protect corporate data, enterprises should also consider using a virtual mobile infrastructure (VMI), where corporate data is hosted on secure servers that can be accessed through a secure mobile app.
A character uses an authentication device to access restricted systems
Authentication is an ongoing problem for enterprises who need secure ways to log onto online systems. How can you maintain security in a way that doesn’t hamper operations and is convenient for users? Using two-factor authentication (2FA) is widely recognized as a versatile solution.
2FA requires users to provide two types of identification to access a device or site. The different types of authentication are: something you know (like a password), something you have (like a device that provides a specific code), or something you are (like a fingerprint). The device in the movie uses a fingerprint as a password, providing one type of authentication. In reality, this could be used in combination with a traditional password for even tighter security.
A malicious “IT guy” hacks his boss’ car and takes control
Our cars are becoming increasingly connected, and automotive companies are developing more sophisticated autopilot features for their vehicles. Consequently, car owners are becoming less involved in the actual act of driving, leaving a lot to the vehicle systems. But should people actually be worried about a hacker taking control of their vehicle remotely? The movies make it look so easy, but in reality it’s anything but.
Security researchers have demonstrated—in a number of ways—how a smart car can be hacked. But, these researchers had physical access to the car for months, and successful hacks only came after extensive research and experimentation. They were able to manipulate certain car features (like automatic doors or climate control) with a push of a button, and they were also able to control the steering and brakes within certain parameters. But while controlling a car remotely has been proven possible by researchers, we have yet to see these hacks applied in any actual situations.
Car companies have been taking these concerns quite seriously. Several have offered bug bounties in return for reported vulnerabilities, and others are establishing research facilities to develop safer and more secure autopilot systems. Various governments have also been alerted to the potential dangers, and have been drafting legislation to establish standards for connected cars.
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.
- Ransomware Spotlight: Trigona
- Steering Clear of Security Blind Spots: What SOCs Need to Know
- Understanding the Kubernetes Security Triad: Image Scanning, Admission Controllers, and Runtime Security
- Preempting Threats to Connected Cars: The Importance of Cybersecurity in a Data-Driven Automotive Ecosystem
- Your Stolen Data for Sale