IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more
In-depth

Hacking Hollywood: Meet the man getting big screen cybersecurity right

Movies often gets hacking wrong. Ralph Echemendia is trying to put that right

When telling a story, it's sometimes easier to pretend the modern world doesn't exist. Somehow it's hard to imagine anyone checking into the Bates Motel after checking its TripAdvisor page. Likewise, you probably wouldn't watch the video in The Ring if you'd seen its IMDB ratings.

But you can't ignore the modern world forever, and as some kind of hack or data breach seems to crop up on a weekly basis, it's unsurprising that Hollywood is taking notice, slowly introducing hacking and cybersecurity into modern movies.

You may not know his name or face, but Ralph Echemendia has a lot to do with that. As well as providing security training to the likes of NASA, Google and Microsoft, Echemendia has provided technical consultation for films and TV series where hacking is integral to the plot, like Mr Robot and Snowden.

The need for a cybersecurity consultant was once unheard of, but with hacking and data breaches in the news every week, it was only a matter of time before art had to imitate life. And more convincingly than it once was: we've come a long way from 1995's Hackers ("a cult phenomenon and we love it, but it's not accurate at all," opines Echemendia.)

"Hollywood likes to see what's in the news and what's happening in the world and build things around it," Echemendia tells me over the phone. "It's no longer a subculture: it's now a culture. There's a lot more interest in Hollywood to writing about that culture and making stories around it." Perhaps the 2014 hacking of Sony Pictures focused the mind of writers and producers over what had become the part and parcel of our daily digital lives.

Art imitating life

Of course, having an interest and a budget doesn't guarantee quality: take Black Hat, for example ("awful," says Echemendia, and IMDB's audience of critics seems to agree). Still, the Venn diagram between "realistic hacking" and "watchable" is slowly beginning to populate. "I think they're getting a lot better," says Echemendia. "Mr Robot has been very accurate with how it happens in the real world and being able to properly adapt that to a screenplay format.

"You can't go into these projects with the idea that they're going to be completely accurate: it's still a movie. It's usually only seconds in a movie, for the most part, so it's not as critical as the real storytelling behind it."

That's true but given a basic understanding of online safety is essential nowadays, do films have a responsibility to adhere to accuracy? Echemendia agrees with this: "Whether it's seen as such or not, it's still processed as education in some way so there's a level of responsibility for films to better educate. There's no better way to educate than to entertain.

"The future of science and innovation comes from what's on the screen too. The five-year-old kid watching Star Trek was later a scientist responsible for the creation of cell technology and now we have cell phones."

If you're thinking that actors, directors and assorted Hollywood bigwigs would be on top of their security by dint of being easy targets, you'd be wrong. "The crazy part about it is that you'd think there would be more security because of the level of visibility, fame and notoriety, but the truth is that actors, directors and writers really aren't that different from the everyday consumer," he explains. "They tend to be a lot more aware afterwards -- the majority of the crew working on Snowden have become a lot more security savvy," he adds. Many have stayed in touch, and continue to send questions. "They don't necessarily believe that message came from the director now," he adds.

The human problem

I'm talking to Echemendia shortly before he flies to Portugal for an appearance at the annual Web Summit, where he promises he'll be hacking a member of a panel audience to demonstrate how easy it is -- even with the security-conscious audience of a tech conference. At the time he has a few plans of attack in mind, but it all comes back to using technology against humans: the weak link. "I try and play with their device in such a way that they believe something that isn't true," he explains. "You trust what you see. So I can make them see things that aren't true. The vulnerabilities lie in the people, rather than the technology."

Humans are the weak link at whatever level Echemendia deals with. Even at NASA, he was surprised at some of the mistakes being made. "This is NASA, it's the holy grail of nerds," he jokes. "I was surprised -- not so much with what they were doing, but what they weren't doing and what they weren't aware of.

"It's everyone, it's not a technology issue. This is a people problem, and we tend to think that it's an issue that can be resolved either by governments, regulatory clients or companies being held accountable when the truth is the biggest problem is you: the person using the technology."

Ah, squishy, fallible humans. So if this human wanted to be slightly less fallible, what's the one piece of advice Echemendia would offer? "Common sense," he replies. "Technology provides convenience, and convenience always comes with a price. We know that when we go to a convenience store we'll spend an extra dollar on milk, but we know it's more convenient than going to the store. We don't know what the cost is with technology. We've lost all common sense with what we're doing with it."

"It's just a tool, don't forget that." If anything can get that message across, it's the magic of cinema.

Main image credit: Zachary Balber

Featured Resources

The state of Salesforce: Future of business

Three articles that look forward into the changing state of Salesforce and the future of business

Free Download

The mighty struggle to migrate SAP to the cloud may be over

A simplified and unified approach to delivering Enterprise Transformation in the cloud

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

The Total Economic Impact™ Of IBM FlashSystem

Cost savings and business benefits enabled by FlashSystem

Free Download

Most Popular

How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022
Cyber attack on software supplier causes "major outage" across the NHS
cyber attacks

Cyber attack on software supplier causes "major outage" across the NHS

8 Aug 2022
Should you take your password manager off the internet?
Sponsored

Should you take your password manager off the internet?

28 Jul 2022