Sat. Feb 4th, 2023

Yes, it’s a tribute to a famous hacker (nice touch).

USA Networks / NBC Universal

Warning: This piece contains minor spoilers for this week’s episode of Mr. Robot (S2E1).

Near the break of Mr. Robot’s two-part season two premiere, fsociety hacker Darlene fires up her desktop computer and opens something called the “Social-Engineering Toolkit.” She scrolls through a list of options, including a “Java Applet Attack” (executed via a Remote Administration Tool), then chooses to unleash the “F-Society Cryptowall.” Suddenly cashiers and senior employees of one of the world’s most powerful banks are all staring at the same screen (above).

Ars readers will recognize this as another example of art imitating life. As Mr. Robot premiered, the episode was based on a cryptoransomware storyline that could have been ripped from any number of headlines, including those high-profile Maryland hospital hacks. Similar to that real-life result, executives at the fictitious E-Corp decide they can come up with, and eventually pay (or at least plan to pay), the requested $5 million from the couch cushions.

As everyone from Wired to Forbes will tell you, the whole thing is tremendously accurate. But the most impressive part is that the writers initially wanted to do a whole different kind of hack. The ransomware approach had to come together on short notice.

“We went in a different direction, but when we started to peel the onion – which systems should we compromise, how would this spread and move laterally around the systems? – we hit a hiccup: we couldn’t get into this system easily,” Andre McGregor, the show’s FBI adviser, told Ars. “Sam [Esmail] said, ‘Well, if we can’t, we can’t. We’re not going to try to make it work, pretend it works, or use art magic to make it work. We will have to rewrite everything.’”

If Mr. Robot turns out to be the best representation of hacking culture in pop culture, the likes of McGregor will be a big reason why. Tanium’s Director of Cyber Security joined Mr. Robot as a consultant for S2 after show creator Sam Esmail met the company at CES. Before his last position, McGregor spent his entire career in IT and security. He worked as an engineer at Goldman Sachs and became an IT director elsewhere before the FBI called. “The FBI recruited me to come to the academy, and they taught me how to take hits, arrest people, shoot a gun, and then say, ‘Let’s go fight some bad guys who hack,’” he said.

McGregor worked with the FBI in the NYC office during some of the most high-profile hacks in the 21st century: incidents involving China, Russia, Iran, Anonymous and Lulzsec. “There was never a quiet day as an FBI agent in NYC,” he said. “There were times when I had trouble sleeping.” In this week’s Decrypted podcast (hosted by yours truly), he mentioned a few specific examples, such as Iran hacking US water dams and China exfiltrating US data.

TV hacking via Metasploit

Fortunately, hacking for television has proven much less stressful for McGregor. He now brings almost unparalleled knowledge of both the bad guys and how the FBI would react to them to the Mr. Robot writers’ room. Look for that red-headed FBI agent from the premiere to stay a little longer in S2.

“Sam is very much about accuracy,” McGregor said. “He didn’t want to do or say anything that wouldn’t be done in the field, nor by agents, nor what would be done in response to a cybersecurity attack. So as the show goes on, you should think such an attack [like the five/nine hack on E-Corp from S1] would warrant a response from the government… This is exactly how our government works today. If there is a major break-in, we need a response team.”

Tanium Director of Cyber Security Andre McGregor

Tanium / Outcast desk

While he didn’t work on S1, McGregor admires what the show has done so far. Things like the Raspberry Pi hack or the mass spear phishing of emails were “exactly what I lived and breathed every day at the FBI.” In particular, the integral role of the Dark Army – Mr. Robot’s mercenary Chinese hacking outfit – puts a smile on McGregor’s face.

“I have lived and breathed in China for so long; it’s interesting to see it on TV,” he said. “Watching a program like Mr. Robot, you put it next to something like CSI: Cyber, and you say, ‘Finally – a show that reflects the work I do and the intricacies of hacking.’ In many ways it’s easy to do – I can open Metasploit, create a package and access it – but in many ways it’s very complicated and not easy to show on TV.”

As for the ransomware attack in the season two premiere, it represents standard operating procedure for Mr. Robot’s writers. All ideas start in the show’s core writers’ room (which met for S2 last fall), and consultants like McGregor come in later in the process. When McGregor met with staff in January, the framework of S2 episodes was already in place and he was able to contribute ideas to increase the show’s accuracy. “With this particular hack [what became the ransomware attack] everything was in place,” McGregor said. “But when I got to do the technical screenshots, I realized it wasn’t feasible.” (McGregor wrote a bit more about the process on his Tanium blog.)

You read that correctly. For a hack to appear on the show, writers and consultants will attempt to perform it in real life. It’s a big reason why screenshots of those lines of code inspire many a blog post. When McGregor’s original white hat test failed, he went back to Esmail and the writers, who enabled McGregor and lead technical writer Kor Adana to come up with a more viable alternative.

“We wanted to do a big hack in episode one that affected E-Bank, and one of the ideas we came up with was to use ransomware — it’s very current and it affects businesses today,” McGregor said. “So I got a chance to dust off my pen-testing skills from the FBI. I opened up the Metasploit framework, made some tweaks, and what was shown [in the episode] was kind of my own technical artwork for the show. That’s pretty cool.”

McGregor joked that he might need to save his own screenshots from the episode to share on social media, but he admitted an even cooler memory will be revealed this season. During our conversation, he mentioned that a character called “FBI Andre” would appear on the show in his honor, similar to how fellow consultant James Plouffe had a doppelgänger in S1. However, Plouffe’s TV parallel ended up being the E-Corp exec who tragically commits suicide during a press conference, so McGregor petitioned for FBI Andre to avoid a similar fate. If you follow McGregor on Twitter (@AndreOnCyber), you may have already seen a hint about the introduction of his namesake. And like McGregor’s contributions in general, look for FBI Andre to stick around too.

Listen to Andre McGregor below in this week’s episode of Decrypted, Ars Technica’s Mr. Robot podcast. If you have any questions for McGregor in the future, please get in touch via the comments section, on iTunes or via email… he might come back later in the season.


By akfire1
