What Mr. Robot Can Teach Businesses About Network Security

MrRobot_BlogPost_We here at EfficientIP love a good scripted drama…and with the return of the USA Network series Mr. Robot last week, we’re ready for a summer of mixing business with pleasure. If you’re unfamiliar with the show, a basic plot synopsis: Hacktivist group FSociety is on a mission to overthrow E Corp, a conglomerate that manufactures phones, computers and devices, and also happens to run a giant banking and consumer credit division. Led by unhinged vigilante hacker Elliot Alderson, FSociety succeeds in resetting debt worldwide by wiping out ‘Evil Corp’ records through a series of attacks on company servers and backups. Panic ensues, a new age dawns as markets struggle to recover, cue Season 2.

Mr. Robot is widely considered to be the most accurate portrayal of hacking ever seen on television, and doesn’t cut corners when it comes to realism. Almost all of the attacks shown are plausible, if not inspired by true events- even the screenshots of command prompts are painstakingly fashioned to be genuine. Given the recent barrage of cyberattacks on businesses of all kinds, what lessons can companies learn from this all-too-real fiction?

DDoS Attacks Can and Will Be Used Against You

Distributed Denial of Service attacks are used to overwhelm a server with queries that appear legitimate, making it unreachable. Websites and applications are effectively useless, and hackers can exploit the imbalances in the query data. This attack is used on the show to initially gain access to E Corp, used as a smokescreen for a rootkit and malware infiltration. According to our 2016 DNS Threat Survey, DDoS ranked second globally for attacks faced by respondents within the past year. An Arbor Network Study further confirms this trend, that the DNS is likely to be the most commonly attacked protocol in 2016 (presenting significant operational threats to service providers, data centers, as well as enterprise businesses). With the increasing deployment of IPv6, DDoS attacks on this service will be a top concern.

Zero-Day Attacks- The Covert Assassin

Zero-day attacks may be the most dangerous exploitation of security holes, given the fact that they are unknown, and no correction methods exist in the moment to fight them. If you’ve heard of Stuxnet, then you know of the inherent peril and race to mitigation that accompanies zero-day. In the Season 1 finale of Mr. Robot, the FSociety team releases a zero-day malware attack on the E Corp network, rendering the company’s data completely inaccessible with iron-clad AES-256 encryption. E Corp is left scrambling and helpless with no record of citizen debts. In reality, almost all malware uses the DNS service protocol in one way or another to carry out such an attack. How many people- and dollars- can truly be spared during a malicious hack, and how long will it take them to rectify it? Businesses need to seek out security systems that can help them detect and analyze illegitimate DNS traffic before the damage is done. See our hacking video on zero-day attack.

Purpose-Built Solutions Are a Better Defense

In the show, Elliott and the team already know they will be blocked from the usual entry points to the impenetrable Steel Mountain network, forcing them to come up with a more creative workaround for access. Ultimately, the weak link in the data storage giant’s network ends up being the climate control system, but the true purpose-built solutions perform their jobs correctly from the outset to keep trouble at bay. At most modern companies, web traffic or email filtering solutions are put in place as core security foundations. Given this, why aren’t more companies focused on a similar dedicated DNS security system for protection? Having an in-depth understanding of the protocol is the only way to get precise and real-time threat detection capacity while ensuring adapted countermeasures. Purpose-built solutions can offer adaptive technology such as switching seamlessly from one DNS server engine to another during a zero-day attack, or absorbing volumetric attacks to continue to allow legitimate traffic.

While Mr. Robot is likely to provide more twists and turns as this season progresses, it’s important to recognize the realities. We root for FSociety throughout the series, but in actuality, jobs and lives can and have been ruined by such acts. In a world where our cyber enemies grow smarter every day, businesses- corrupt or otherwise- must worry about their network safety and countermeasures. In the words of Elliot, “I only need to press one key to run the exploit”.

Posted in:
12 September 2019 We here at EfficientIP love a good scripted drama…and with the return of the USA Network serie...

EfficientIP