Hollywood reality check: "Blackhat"

By Don Jones on January 20, 2015

You know how these Hollywood blockbusters go when there's technology involved, right? It's something like this: "Hey, we need to hack into the NSA!" Followed by, "No problem, I'll just mash the keyboard a couple of times...and we're in!" Don't get me wrong, I understand the need for storytelling shortcuts, but sometimes suspending disbelief is so hard. "Blackhat" is a new hacker movie starring Thor Chris Hemsworth as the lead hacker. And it's got everything: a lady hacker, explosions, foreign intrigue -- you name it.

I learned several important, real life, indisputable facts:

  • A good hacker can not only hack, but win a bar fight, live through a gunfight, be superhero-buff, and have beautiful hair the entire time. Seriously, Hemsworth has a line on some truly magical hair product. And he gets the girl.
  • Steel shipping containers are less effective than you'd think at stopping automatic rifle fire. Magazines, on the other hand, are pretty good.
  • Everyone overseas, except the Chinese high command, speaks great English. Thank goodness, too, because I hate subtitles unless it's in anime.
  • Jakarta has kick-butt server hosting, and it's pretty affordable. But people there smoke too much, and the data centers are in sketchy neighborhoods.

What surprised me, though, was how basically accurate and plausible the actual hacking was -- within the limits of practical storytelling, of course. There was, in fact, almost no hackingThere was a lot of social engineering. Need to hack into a network? Get a temporary employee into the office, and stick some malware on the sys admin's favorite USB flash drive. E-mail a keylogger, disguised as a "password guidelines" PDF, to someone who's just been told to change his password. Yeah, some of the details were a little Hollywood-fuzzy, but the premise was sound: When you get hacked, it's going to come from the inside, and it's going to start with social engineering. It's actually a brilliant and relevant lesson to everyone in IT. Pretty much all the tech stuff in the movie could actually happen in real life -- and has

OK, in one instance, the "hack" was to get physical access to the server's drives -- extremely plausible, and one reason technologies like BitLocker can be important, by creating a distraction. Now, imagine someone breaking into your data center by causing a "distraction." Can't think of something distracting enough to make that happen? No? How about dropping a delivery truck through the roof? Hollywood! Still, not totally off base.

All that said, it's a terribly slow movie. I'm not exactly recommending it, unless you're looking for tips on surviving a gunfight by means of periodical-based armor. Yeah. But again, amazing hair product.  

Get our content first. In your inbox.

Loading form...

If this message remains, it may be due to cookies being disabled or to an ad blocker.

Contributor

Don Jones

Don Jones' broad IT experience comes from 20 years in the business, with a strong focus on Microsoft server technologies. He's the author of more than 45 technology books, including titles on administration and software development, and writes monthly columns for the industry's leading periodicals. He's an in-demand speaker at technical conferences and symposia worldwide, and is widely recognized as one of the top trainers in the Microsoft sector.