renmic ilainie osykah
Tina Popielarczyk
I share a Netflix account with my parents and my sister (they get my Hulu login, though, so I think we're square). For the past couple of months, I'd noticed movies showing up under Recently Watched that I know none of us would touch with a ten foot pole. Stupidly, I dismissed this as a hiccup on Netflix's part, until I found out the awful truth: we'd been hacked.
It's shameful that someone who writes about tech for a living would just let such suspicious activity slide without further investigation, but it wasn't until I saw this Tech Insider headline that I wondered if the weirdness was more sinister than just a glitch. Motherboard's hacking and information security reporter Lorenzo Franceschi-Bicchierai pointed me in the direction of the website haveibeenpwned.com, where I entered my parents' email address. Lo and behold, we'd been pwned to the max, our login info dumped in a plaintext document titled "BunchaNetflixAccounts," along with the info from some 2400 other users. The document was posted on Pastebin, a site that temporarily stores chunks of plaintext and is primarily used by people sharing code.
The site notes that pastebins are usually only up for a few days, but I knew this had been going on for way longer than just this month. So I went to Netflix's site and checked the viewing activity for my profile, and sure enough there was stuff on there going back months. Curse of Chucky. The Passion of the Christ. One login thief seems to be really into drug trafficking, watching both the new Netflix original series Narcos and El Seor de los Cielos, a telenovela about a drug lord.
The breadth of the stuff watched strongly indicates a number of different people using our account. It's hard to believe the same person would be interested in watching Money for Nothing: Inside the Federal Reserve, Anchorman 2, and half a season of The L Word all in the same week. (If such a person indeed exists, I'd like to have a drink with them.)
Once someone gets inside your Netflix account, there's not a ton they can do aside from binge watch some Family Guy, because your credit card info is obscured by the site. The real danger lies in if you use your Netflix password for a bunch of other stuff too. In that case, anyone enterprising enough could do some real damage.
So if you think you've been hacked, here's what to do. Go to haveibeenpwned.com and find out if your data is out there. Change your Netflix password, and if any other accounts share that password you should change those, too. Franceschi-Bicchierai recommends using a password manager like LastPass or 1Password.
I don't think my family's Netflix hack has created any other issues, but we'll be taking better precautions from now on. Though I hate to begrudge people access to Curse of Chucky, they'll have to find some other way to watch it.
You don't need to be a cyber security expert to love watching hackers wreak havoc! Cybercrime and hacking movies have a special place in the world of cyber security. In many cases, they've pushed the envelope regarding what was possible and created an entire hacker culture that was hell-bent on replicating what they saw in the movies when they were kids.
Off the back of movies like Wargames and Terminator 2, security researchers lined up to see if ATM hacking was possible, and sure enough, it was! Barnaby Jack presented research at Blackhat in 2010 showing that ATM hacking was possible and coined the term Jackpotting, which is when an ATM empties its cash drawers.
In "The Beekeeper", Adam Clay, a former member of the spy organization known as the "Beekeepers," is impacted by the negative effects of a successful phishing attack against his elderly landlady. As a result, Adam takes it upon himself to find those responsible and take them to justice, discovering a web of corruption along the way.
This movie portrays a real-world voice phishing (i.e., vishing) attack that results in the theft of money from an elderly lady. Financially motivated phishing attacks against vulnerable and elderly individuals have grown in popularity over the past few years, particularly given that almost everyone has a phone or some form of access to the internet, and not everyone understands the tactics and techniques used by criminals to socially engineer and trick potential victims.
In "Kandahar", Tom Harris, an undercover CIA agent, pretends to be a repairman for a Swiss telecom company that has a contract to provide internet services for a town in Iran that also has a secret underground nuclear refinement facility nearby.
During the repair of an internet line, Tom installs a wiretap, which allows the CIA to intercept and modify all communications going to and from the nuclear research facility, which is then used to implant a trojan that maliciously infects the facility nuclear refinement systems, causing them to explode.
This movie shows a lot of similarities to the Stuxnet trojan that infected Iran's nuclear facilities in 2010, causing physical damage to centrifuges, which ultimately slowed down Iran's nuclear program.
In "The Fate of the Furious", a protagonist called Cipher is introduced who is a self-proclaimed "Master Hacker". During the course of the movie, Cipher performs several hacks. First, she hacks the traffic control system within a city and wreaks havoc, causing hundreds of cars to crash. Then, she hacks into a Russian Nuclear Submarine in an attempt to escape but is ultimately thwarted by Dominic Toretto.
While many of the hacks displayed in this movie are over-the-top and unlikely to be executed by a single individual, it does show the potential impact of nation-state-sponsored cyber attacks, where advanced and persistent threat actors can dedicate time and significant financial resources to inflict damage on opposing nations.
In "The Social Network", several scenes depict elements of hacking. When Mark Zuckerberg was still a student at Harvard University, he hacked the Harvard student registry database to collect personal information on freshmen and then released a website called "FaceMash," where women freshmen are ranked based on their looks. Later, Mark runs a capture-the-flag hacking competition to choose who their first intern will be.
This movie demonstrates the importance of protecting personal information and ensuring appropriate safeguards are put in place to ensure tools can't be used to scrape information at scale. The professional networking platform LinkedIn suffered a data breach in 2021 where attackers scraped 700 million LinkedIn profiles, collecting names, email addresses, photos, and more, because appropriate safeguards weren't put in place to prevent automated profile scraping.
In "The Matrix Reactions," Thomas Anderson, also known as Neo, is living a seemingly normal life as a successful video game designer. However, it's discovered that this is, in fact, a simulated reality, which is exposed by a rogue AI called Bugs. Bugs exploits a series of vulnerabilities in multiple simulated realities to help Neo realize his own reality isn't real.
This movie demonstrates the real-world consequences of mixing production data with test environments. In the movie, Bugs first sees Neo in a "modal," a simulated reality used for development and testing purposes for the Matrix simulation used by the rest of humanity. By discovering the real "Production" Neo in this test environment, Bugs is able to exploit vulnerabilities and compromise the "Production" Matrix with Neo's assistance.
In "Mission Impossible - Dead Reckoning Part One", Ethan Hunt and his team face a threat in the form of an advanced AI known as the Entity. Throughout the film, the Entity increasingly interferes in global politics, hacking into critical infrastructure, government, and the global intelligence apparatus.
This movie is an interesting juxtaposition with real-world AI systems that are becoming increasingly close to sentience, such as what the world has seen with ChatGPT and other Large Language Model (LLM) LLM systems.
"Blackhat" is a cyber-thriller that delves into the world of global cybercrime. The film follows Nicholas Hathaway, an imprisoned hacker who is released to assist American and Chinese authorities in tracking down a high-level cybercriminal. The story spans various international locales as Hathaway and his team chase a sophisticated hacker responsible for high-stakes financial and nuclear terrorism.
"Transcendence" is a sci-fi film that delves into artificial intelligence and human consciousness. The story follows Dr. Will Caster, an AI researcher who, after being attacked by anti-technology extremists, uploads his consciousness into a supercomputer. This leads to unforeseen consequences, as his thirst for knowledge becomes a seemingly unstoppable quest for power.
This movie explores the ethical and moral dilemmas of AI development and the blurred lines between human emotion and artificial intelligence. It's a thought-provoking narrative about the potential and dangers of advanced technology, which has the potential to hack into any and all internet-connected systems.
"Underground: The Julian Assange Story" is a biographical film that chronicles the early life of Julian Assange, the controversial founder of WikiLeaks. The movie focuses on his teenage years as a hacker in Melbourne, Australia, during the 1980s. It portrays Assange's development into a skilled hacker under the alias 'Mendax.'
This movie delves into Julian Assange's activities with the International Subversives group, highlighting his early forays into hacking and his evolving ethos regarding information freedom. The story sets the stage for his later activities with WikiLeaks and his impact on global journalism and information dissemination.
Julian Assange has built his career around information freedom, but not all information is suitable for public release. Remembering the privacy obligations that dictate how sensitive information is to be stored, used, or transmitted is essential.
"TRON: Legacy" is the visually stunning sequel to the original "TRON", set in the same digital universe. The story follows Sam Flynn, the son of Kevin Flynn from the first film, as he searches for his father, who has been missing for years. Sam's quest leads him into the digital world of the Grid, where he discovers his father has been trapped.
90f70e40cf