Security Watch | Matt Hines » Hollywood gets hacking right

January 31, 2008 | Comments: (0)

Hollywood gets hacking right

TAGS: Security

Just like me, I assume that many other technically-informed viewers have found existing attempts to embed IT security plotlines into mainstream movies and television shows as somewhat pathetic and generally laughable.

In most cases -- whether it be in one of the seemingly dozens of crime investigation or cop shows, or bigger budget Hollywood productions -- the use of technology-oriented threats to scare or intrigue an audience has typically smacked of exaggeration, over-simplification or downright ignorance of the actual details of the security trends and attacks that many of us spend so much of our time talking about.

However, it sounds like the movie industry has finally gotten it right.

You've probably seen the current trailers at the movies and on TV for the new serial killer thriller "Untraceable," which opened at theaters this week. And while I've yet to make time to see it (despite the presence of the seemingly ageless Diane Lane in addition to the topical relevance with my job) at least one industry expert who already sat through the flick contends that the use of malware and hacking techniques employed in the storyline is truly on the mark and well researched.

David Perry, director of global education for anti-malware specialists Trend Micro, reports that upon seeing one of the first screenings of "Untraceable," he was impressed with the movie's displayed level of technical acumen.

Without ruining the story, and since I haven't even seen the film and have only a 10,000-foot view of its actual details, the plot revolves around a serial killer who is using a Web site to commit murder by using hits to the URL to deliver fatal blows to his victims. The idea is that the more people he can lure into peeking at his maniacal pages, the faster his prey is disposed of.

Diane Lane plays a Clarice Starling-like police investigator who tries to hunt down the operator of the "killwithme.com" operation who must navigate her way through all the technical trickery the murderer is using to hide his identity and keep his site from being taken offline.

Perry said that unlike other recent tech-driven thrillers, the details in "Untraceable" actually add up. Rather than filling the heads of less security-focused viewers with exaggerations and falsehoods, the movie may actually help aid people's understanding of some cutting-edge issues, he contends.

"Computer geeks (like me) get a real laugh out of movies about hacking and cyber-crime," Perry wrote in a review of the flick on Trend's blog site. "When a hacker movie opens you will find theaters in Silicon Valley or other computer tech havens full of people laughing at all the wrong things, and at all the things gotten wrong."

"To our amusement and dismay, these overblown, crazy overdramatic portrayals of hacking and cyber-crime are what set the public's understanding of all things cyber. People believe in the world described by these movies. It frequently makes them less safe behind the keyboard," he said.

"But not Untraceable, they got it all right," Perry writes. "The Web page was only used for a limited period of time, and was proxied and mirrored and botnetted all over the place, standard operation in cyber-crime. All in all, [it was] very very believable — well done to the screenwriters and researchers involved."

Mainstream movie critics appear to be giving the film mixed praise, but I'm definitely intrigued by this informed IT endorsement, so I'll likely cast off my preconception that "Untraceable" appeared to be sort of a thinly-veiled takeoff on "Silence of the Lambs" and get myself into a theater to see it.

I still think someone good like Steven Spielberg could turn Richard Clarke's "BreakPoint" into a compelling thriller on the potential of IT attacks to wreak absolute havoc if exploited in certain ways.

However, it appears that for now at least there's one tech thriller that did its homework on the types of whacked-out scenarios that could come to pass if people with the right hacking skills decided to try create them.

And, you know, this is Diane Lane that we're talking about.

Posted by Matt Hines on January 31, 2008 08:16 AM

RATE THIS ARTICLE: