Debunking the Hollywood hacker myth: Inside a real cyber-security command centre
The depiction of hackers and cyber-attack in Hollywood films is typically so far removed from what really happens as to border on the farcical.
Everything from Jurassic Park to Swordfish, Die Hard 4.0, and the eponymous Hackers, all suggest that cyber-attacks take place in real time, can be tracked, visualised and more importantly stopped as fast as they've happened.
Even the most gullible film fan surely knows that this is not what happens in real life, but the question is, what does really happen in real life.
To find out I visited the command centre of Eset, one of the world's largest cyber-security companies, located on the River Danube overlooking the old town of Bratislava in Slovakia.
"Houston, we have a problem"
Watch any Hollywood film from the last couple of decades that has some cyber-attack element, and at some point we are likely to find ourselves in a big room with lots of computer screens showing lines and lines of code (written in green on a black background obviously), with everyone sitting under a couple of big TVs showing maps of the world.
As the cyber-attack begins, these screens would jump into life showing a computer virus as it spreads around the world in real-time - the imminent threat clear for all to see.
Stepping into Heuston, the name given to Eset's command centre (in an apparent play on Nasa's Houston and heuristic computing), the set-up is almost identical. There are banks of computers and three large TV screens showing world maps and blinking lights.
That, however, is where the comparisons end.
The room is deathly quiet, with the few researchers barley lifting their heads from their screens during my time visiting. No one is looking at the big TV screens.
Why are they there I ask? There is no clear answer. It seems the big screens are there for show more than anything else, as Eset says the researchers could get much more detailed information on specific attacks on their own PCs.
The room is not dark and moody. It is bright and airy, with a stunning view over the old town of Bratislava and the powerful Danube River. It also overlooks the Bridge of the Slovak National Uprising, better known to locals as the UFO bridge.
From the beginning
Cyber-attacks are not monitored in real time. There is no one shouting at his or her colleagues to try and stop an attack. This is just not how it works.
Cyber-attacks, from DDoS attacks to sophisticated, targeted campaigns by nation states, are typically complex and involved operations. Monitoring them in real-time is just not possible.
What Eset can do, and has been doing since the founders created the company in 1987, is track and analyse these attacks, protecting their customers against future attacks and trying to play catch up with the criminals who are typically one step ahead of the competition.
As Eset's chief technology officer Palo Luka said, the attacks we are seeing today are just the same as those that have been around for hundreds of years:
"400 hundreds years ago there were groups of people who were playing tricks, cons artists, and they were trying to scam other people somehow, and they managed to do it. If you fast-forward to today, this is exactly what is happening. There is a group of smart people who are willing and able to scam other people. What changed is the technology, and this technological change has made it easier for the bad guys," said Luka.
"Humans are the weakest link"
Eset has been around from the beginning of the emergence of computer viruses in the late 1980s, when programs like Brain attacked MS-DOS, and in the last 25 years has seen the industry change irrevocably - yet the weakest link Luka says remains the same:
"Humans are the biggest threat to security. Technology has changed and is getting better [at making things safer], but ultimately it's humans who get tricked and this will continue to be the problem."
2014 represented a new high watermark in terms of sophistication and volume of cyber attacks, with Eset helping to identify some high profile attacks including the BlackEnergy targeted attack, and Android ransomware Simplocker, which reflects the new front for cybercriminals on mobile devices.
While the Hollywood image of a cyber-security bunker may not be as exciting or cutting edge as we would like to think, the Eset headquarters overlooking Bratislava does contain one mysterious aspect - the 20th floor.
Officially, Eset occupies floors 16, 17, 18 and 19 of the Aupark Tower but we were told it also occupies a 20th floor that appears to be so secret it's not even listed on the building's lifts.
Whether this was a joke to fool a group of gullible journalists, or a real top secret layer, is unclear, but at least it provides some link to the clandestine representations of hackers and cyber-attacks which proliferate the silver screen.
© Copyright IBTimes 2024. All rights reserved.