Spotlight On Burning Online Privacy Risks

Dissecting Mr. Robot TV Series

Despite the rapid development of web tools and computer security systems, online privacy remains a serious issue for most web users. According to some statistics provided by isaca.org, the total number of online security incidents worldwide grew to 42.8 million, leaving a great number of victims behind.

attack-stats

As one of the most genuine TV references to this burning issue, the 2015 cyber-thriller series Mr. Robot represents an interesting portrayal of the digital world and offers some insightful lessons on how online privacy could actually be reached.

Dealing with hacking, Mr. Robot proves that even some of the world’s largest conglomerates, embodied in E Corp in this fictional story, are not immune to it. Unfortunately, the material gain is not the only motivation for such transgressions. Sometimes, curiosity or even common malice can make any innocent bystander the victim of cyber breach.

Just take the example of the Mr. Robot protagonist, who has a complete control over his friends, associates, acquaintances or even random strangers’ privacy. However delusional Elliot is, most of his decisions are driven by moral principles. Now, the question is, what would have happened if this immense power were in hands of a real-life cyber criminal?

Precisely because it sets us in such a realistic scenario, Mr Robot points to some conspicuous threats we’re exposed to today.

1. The reckless use of social networks is the easiest way to get hacked

At the very beginning, Elliot states that online channels “are faking us into intimacy,” making “the world itself just one big hoax.” Not only that he hates everything social networks stand for, but also refuses to bow before them. By not being present on Twitter, Facebook or Instagram, he manages to remain untraceable to both his acquaintances and legal authorities.

Still, what makes Elliot despise social networks even more is people’s inability to understand that everything they like, post and tweet is completely meaningless. He uses his target’s innate desire to be sedated by virtual reality in order to hack into their lives. With all this in mind, you should make sure you use strong credentials for logging in to your accounts in order to keep your private data truly safe. Always remember that the more information you share online, the easier it is going to be for someone to get their hands on your privacy.

2. Your every password needs to be unique and non-transparent

Unlike in other similarly themed series, where hackers simply come up with one’s password out of nowhere, for Mr. Robot this process is far from common guesswork. This is best seen in Elliot’s explanation on how he managed to decode his therapist’s account by combining her favorite singer with her birth year backwards.

Namely, he possesses a brute force hacking tool, where he enters all the details from one’s life, such as their birth date, anniversary, pet’s name or favorite celebrity. Once all potential parameters are entered, the software further analyzes them and creates the list of possible password combinations.

The importance of creating strong and unique passwords is one of the most valuable lessons Mr. Robot taught us. When changing password, always make sure that you exclude your personal, easily predictable information, as well as the dictionary words that are easily cracked. Most importantly, never use the same password on multiple websites. Although it might be confusing, this step is vital for your privacy protection.

3. Regulated industries must meet security standards

With the adequate hacking tools and hard work, no person or institution is impossible to hack. The best reference to this statement is the Elliot’s explanation of how he managed to hack the hospital. What made its security vulnerable is the lack of both experienced IT department and adequate cyber protection equipment. Unfortunately, there are numerous real-life medical organizations dealing with similar problem.

What’s the most ironical about Elliot hacking his hospital with ease is that it is supposed to have all patients’ data under the maximum protection. Namely, if it ensured compliance with the Health Insurance Portability and Accountability Act (HIPAA), such things would be less likely to happen. With it, any hospital would be able to ensure that all the required physical, network and process security measures are in place and controlled.

4. Always protect your Wi-Fi Network

In the pilot episode, Elliot meets the coffee shop owner and accuses him of hosting child pornography websites. During the conversation, we find out that he managed to discover such information by observing the perpetrator through the shop’s public Wi-Fi network, which is a common scenario for the majority of public places. It only takes a little bit of technical know-how and adequate hacking software to intercept people’s activities on open Wi-Fi.

This is exactly where a VPN comes in. It is a virtual private network will tunnel your web traffic through an encrypted network, making it practically impossible for an Internet service provider, network owner and, most importantly, a nearby hacker like Elliot to track your browsing session.

5. Never connect a drive to your computer if you are not sure what’s in it

We all remember the scene when Ollie and Angela got a rap CD from an aspiring hip-hop artist, who later proved to be a hacker. Once the spyware CD was installed, the hacker was able to take the complete control over all their accounts and later blackmail them by threatening to use their webcam pictures, bank accounts and social network profiles.

Another example of how no one is immune to social engineering hacking techniques is the prison scene. Namely, in order to open the cell doors, Darlene scatters dozens of infected USB sticks. Ironically, it was the prison security guide who took the bait and endangered the entire community’s safety.

Conclusions

Mr. Robot performs a socially important function by raising awareness of the problem of hacking and offering a layman advice on how to protect ourselves in a hostile digital environment. Even though some of the aspects of hacking were definitely simplified for screening purposes, it still portrays this issue more faithfully than any of its predecessors. With all these facts in mind, you can focus on doing all that is in your power to protect your online privacy from vicious cyber assaults.

By Sarah Green

Gilad David Maayan
What Is SSPM? SaaS Security Posture Management (SSPM) is a set of security tools that an organization’s security team can use to gain visibility and manage security for their Software as a Service (SaaS) applications ...
Adam Cole
Mitigating Regulatory Risk Some of the great business opportunities for Unified Communications as a Service (UCaaS) integrators and Value-Added Resellers (VARs) have been the emergence of cloud, telephony and Unified Communications (UC) technologies such as ...
Louis
Why Services CPQ Is Too Slow Today When PS organizations compete in sales cycles, the first competitor to have a complete quote with accurate pricing, schedules, and an engagement plan will often win. However, getting ...
Derrek Schutman
Implementing Digital Capabilities Successfully Building robust digital capabilities can deliver huge benefits to Digital Service Providers (DSPs). A recent TMForum survey shows that building digital capabilities (including digitization of customer experience and operations), is the ...
Gary Taylor
Hybrid Worker Risks Organizations are under pressure to secure their remote workers, but they are also worried about the potential impact on user experience. Can they have it both ways without compromise? The pandemic has ...

SECURITY TRAINING

  • Isc2

    ISC2

    (ISC)² provides IT training, certifications, and exams that run online, on your premises, or in classrooms. Self-study resources are available. You can also train groups of 10 or more of your employees. If you want a job in cybersecurity, this is the route to take.

  • App Academy

    App Academy

    Immersive software engineering programs. No experience required. Pay $0 until you're hired. Join an online info session to learn more

  • Cybrary

    Cybrary

    CYBRARY Open source Cyber Security learning. Free for everyone, forever. The world's largest cyber security community. Cybrary provides free IT training and paid IT certificates. Courses for beginners, intermediates, and advanced users are available.

  • Plural Site

    Pluralsite

    Pluralsight provides online courses on popular programming languages and developer tools. Other courses cover fields such as IT security best practices, server infrastructure, and virtualization.