Mr. Robot: Season 2 starts – just how realistic is it?

The much-anticipated second season premiere of the psychological thriller Mr. Robot aired in the US last night.

The TV show’s main character, Elliot, is a hacktivist – a hacker who tries to use his technical prowess to bring about real-world changes.

Naturally, the show has a lot of cybersecurity concepts in it, and it has won over many fans in the industry for its attention to detail.

While it doesn’t get everything right, it certainly makes much more of an effort than any other show in recent memory, with many real-world concepts, tools, and events in cybersecurity taking center stage.

There are plenty of sites that will review the episode from a plot and characterization point of view, so we’ll leave that to the experts.

Instead, let’s get down to the nitty-gritty of the security concepts in last night’s season 2 premiere, an episode with the geeky name of eps2.0_unm4sk-pt1.tc.

WARNING: SPOILERS AHEAD – SCROLL DOWN TO READ ON

Ransomware takes center stage

About halfway through the episode, we see Elliot’s sister, Darlene, deploying Cryptowall.exe via the Social-Engineer Toolkit (a real hacker tool written by noted cybersecurity expert and DerbyCon founder Dave Kennedy).

In the next scene we see E-Corp and all its network computers held hostage by ransomware.

The message on the screen shows that all of the company’s computers are locked out unless a $5.9 million ransom is paid in the next 24 hours.

The higher-ups then have to make the decision: pay up to get access to their files or try to decrypt the files themselves.

As readers of Naked Security know, CryptoWall is a genuine threat.

We’re not so sure about the ransom, though.

Cryptowall and other real-world ransomware typically asks for around $300-$600 (0.5 to 1 bitcoins), even when big corporations are its victim, simply because that seems to be the price point that works.

Any more, it seems, and our willingness to engage with the crooks begins to evaporate.

CnTIJljVMAAk810
The executives discuss what to do about their CryptoWall problem

The conversation between the E-Corp CEO, CTO and Counsel that follows is painfully realistic.

Many companies find themselves with no choice but to pay the ransom, which ironically contributes to the insidious success of the ransomware “industry.”

Other options, of course, are to restore files from backup or to try to crack the encryption.

The CTO very optimistically claims it would take the company “five days, tops” to decrypt the files itself.

Assuming that this variant of CryptoWall had implemented its cryptographic code correctly, like its namesake, and given the strength of the algorithms used by most ransomware, we think he’d be very disappointed five days later.

Cracking the decryption of properly-written ransomware is typically equivalent to finding a randomly-generated AES key that’s 128 bits long.

That’s not an undertaking you could expect to finish in a week, even with $5.9 million of computing power to throw at the problem.

In the end, E-Corp decides it’s not worth the fight and instead decides to pay the ransom.

The Haunted SmartHouse

In an arresting sequence early in the episode, we see a beautiful, modern home (owned by an E-Corp executive, of course) with all the luxury fixings.

The owner has a huge projector TV, a sophisticated security system, and all kinds of home automation devices.

These mod cons begin acting up: the home alarm starts ringing and won’t silence, and she can’t turn the TV or speakers off.

An annoyance, perhaps, but no big deal so far.

But then things go beyond a cheap prank and the scene becomes truly dangerous as her lights, hot water temperature, air conditioning and even her doors stop responding to her controls and go haywire.

It’s clear that someone else has taken control of her home automation systems to drive her crazy and force her out.

(In a fragment of dialog, you hear her on the phone with technical support: “Unplug what? Everything is inside the walls! That’s how it was installed when I ordered the SmartHouse package!”)

This scenario – the complete zombification of the house – is rather theatrical, but isn’t entirely beyond belief.

As more of our home devices move to the Internet of Things (IoT), an attacker might indeed be able to commandeer those systems and cause not just mischief, but actual harm.

Some IoT vendors have set about improving the security of their devices, but others are well behind where they ought to be be in security terms.

In that spirit, this scene is something of a “buyer beware” warning for those who want the House of the Future today.

Politicians taking notice of cyberattacks

There was quite a bit of clever editing in this episode.

The show spliced together many famous remarks about cybersecurity made by President Obama and former US Secretary of Defense Leon Panetta to make it seem as if these politicians were speaking directly about society’s actions at the end of Season 1.

In fact, many of the remarks used in President Obama’s Mr. Robot dialog actually came from the fallout of the 2014 Sony hack – a breach that was so massive in its scope that politicians couldn’t help but stand up and take notice.

The remarks from former Defense Secretary Panetta were even more notable, as his mention of “Cyber Pearl Harbor” is from a speech in 2012 about cybersecurity weaknesses in critical infrastructure that could cripple entire nations if exploited.

The concept of a digital Pearl Harbour, of course, is one that sticks in the throat of many security researchers.

Real-world information security cameos

One of the things that appeals to many researchers in the cybersecurity field in this show are the real-world cameos of security tools, concepts, and even personalities.

This episode didn’t disappoint, with Darlene using a real hacker tool called the Social-Engineer Toolkit to deploy ransomware called CryptoWall, and with real-world hacker @th3j35st3r getting a cameo mention in the footer of the malware itself.

Darlene was also running Kali Linux – a Linux-based operating system that runs a number of penetration testing and security testing tools favored by security professionals, including the Social-Engineer Toolkit.

Also, a few eagle-eyed folks in Twitter caught the cameo of Gregg Housh, former hacktivist and founder of Rebel News, though we have to admit that we missed it entirely.

What next?

We’re looking forward to seeing what the rest of this season has in store – and we’re sure there will be many more cameos to catch.

What about you – are you a Mr. Robot fan?

Did you see something we missed? Did you scan Elliot’s hand-drawn QR code in his journal?  

Let us know in the comments! (Yes, you may remain anonymous.)