As you may know, October is National Cyber Security Awareness Month. And, in the spirit of October, we've compiled a watch-worthy list of popular (and lesser-known) movies that display tactics used by hackers today to breach local small businesses.
While this list won’t turn you into a digital Houdini. If you’re young, you’ll think it’s the bee’s knees of tech wizardry. Even if Hollywood has certainly slapped a ton of creative licensing on real-world hacking tactics, you’ll at least be able to chuckle at how absurd these scripts are. Real hackers (or engineers) aren't all coding wizards. And, no single hacker movie on this list takes the crown. However, we hope this list tickles the fancy of any nerd, tech aficionado, gamer, programmer, or geek.
Share these with your co-workers as a fun and entertaining way to observe (and participate in) National Cyber Security Awareness Month! …So, here's our list in no particular order.
WarGames (1983)
Movie Plot
WarGames (1983) is a movie about a young computer prodigy who inadvertently gains access to a classified supercomputer that manages the U.S. nuclear arsenal. The supercomputer engages him in a simulated conflict between America and Russia, leading him to unknowingly trigger the countdown to World War III.
Hacker Tactics Demonstrated
- "War-dialing" (sometimes spelt without a hyphen) is the practice of using technology to automatically scan a range of phone numbers to identify connected devices like computers, modems, and office appliances.
- "Phreaking" is the manipulation of telephone signaling to make free calls. It involved reverse engineering tones used by phone companies. Phreaking ended in 1983 with the upgrade to Common Channel Interoffice Signaling (CCIS).
Hackers (1995)
Movie Plot
Hackers (1995) is a movie about a young boy who is arrested by the U.S. Secret Service for creating a computer virus and is prohibited from using a computer until his 18th birthday. Years later, he and his new friends uncover a scheme to release a dangerous computer virus, and they must use their hacking skills to gather evidence while being chased by the Secret Service and the malevolent computer genius behind the virus.
Hacker Tactics Demonstrated
- "Social Engineering" involves manipulating individuals to perform actions or divulge confidential information. Unlike other forms of hacking, it relies on human psychology rather than software vulnerabilities. To protect against it, both individuals and businesses should be cautious with requests for sensitive information, verify the identity of new contacts, and provide cybersecurity training.
- "Phreaking" is the manipulation of telephone signaling to make free calls. It involved reverse engineering tones used by phone companies. Phreaking ended in 1983 with the upgrade to Common Channel Interoffice Signaling (CCIS).
- "Worm" is a form of malicious software that can quickly duplicate itself and propagate across networked devices. As it proliferates, a worm uses up bandwidth, causing infected systems to become slow or unresponsive.
- "Denial of Service" (sort of…), otherwise known as DDoS, is when a server or network is inundated with excessive traffic, rendering its website or online services inaccessible to legitimate users. These attacks often utilize botnets, which are networks of compromised computers used to flood a target with traffic. They can also amplify attacks that exploit vulnerabilities in internet protocols to magnify the traffic volume.
Swordfish (2001)
Movie Plot
Swordfish (2001) is a movie about a covert counter-terrorist unit that wants money from a DEA shutdown of its 'dummy' corporation codenamed "Swordfish" to help finance a war against international terrorism, but it's all locked away. The counter-terrorist unit brings in a convicted hacker to help.
Hacker Tactics Demonstrated
- "Worm" (yes, again) is a type of harmful software that rapidly replicates and spreads across networked devices. As it spreads, a worm consumes bandwidth, leading to sluggish or unresponsive systems.
-
"Password Cracking" can include brute force, dictionary, and rainbow table attacks. Brute force tries all combinations, dictionary uses common passwords, and rainbow tables use precomputed encrypted passwords. Protect with complex passwords, multi-factor authentication, and regular updates. Password managers help. Consequences include unauthorized access, financial loss, and reputational damage.
- "Logic Bomb" is software that activates when specific conditions are met. For instance, it might delete crucial files if a particular employee is fired. In this context, a logic bomb is not applicable since he is breaking into a system rather than setting up a future destructive event within a system he already controls.
Takedown (2000)
Movie Plot
Takedown (2000) is a straight-to-DVD movie loosely-based on the true story of famous Kevin Mitnick (yes, THAT Mitnick from KnowBe4) often considered one of the best hackers in the world. Constantly on the hunt for new information and cyber trophies, he seeks ever-greater challenges. When he infiltrates the computer of a security expert and former hacker, he discovers a formidable challenge—and much more. If you like cheap, engaging movies, this one's a gem.
Hacker Tactics Demonstrated
- "Social Engineering" (yes, again) involves talking a target into revealing specific information or performing a specific action for illegitimate reasons.
- "Dumpster Diving" is the act of rummaging through trash to find valuable information. Dumpster diving is a hacking method where individuals sift through discarded items to uncover sensitive data such as passwords or credit card numbers. Despite seeming trivial (and gross…), it's a surprisingly popular tactic.
Antitrust (2001)
Movie Plot
AntiTrust (2001) is a movie about a programming prodigy who joins the competitive software industry after Stanford. He is recruited by a CEO to help launch Synapse. Encouraged by his girlfriend, the programmer accepts but soon grows suspicious of the company after a tragedy, realizing trust is rare and appearances can be deceiving.
Hacker Tactics Demonstrated
- "Virus" is a type of malicious software that duplicates itself and spreads to other programs and systems. Unlike other malware, such as worms or trojans, viruses need a host program to operate and propagate. They usually attach to executable files and can activate when the host program is ran.
- "Tailgating" is when a person tries to enter a space that is off-limits to them. The most common kind of tailgating attack involves sneaking into a prohibited place behind a person who is authorized to enter.
- "Remote Shell" (sometimes referred to as "Connect-Back Shell" or "Reverse Shell") is when a hacker connects a controlled machine to the target’s remote network host, initiating a shell session. In a reverse shell attack, the target machine starts the connection and establishes the session with the hacker's host.
Untraceable (2008)
Movie Plot
Untraceable (2008) is a movie about Secret Service agent who becomes entangled in a deadly and personal cat-and-mouse game with a serial killer. This killer exploits human curiosity and fascination with the macabre by running an "untraceable" website where he broadcasts violent and painful murders live on the internet. The more people who visit the site, the faster and more brutally the victim dies.
Hacker Tactics Demonstrated
- "Trojan Horse" is a form of malware that presents itself as a legitimate application. Cybercriminals often use social engineering tactics to embed malicious code into seemingly harmless software, allowing them to infiltrate users' systems.
Live Free or Die Hard (2007)
Movie Plot
Live Free or Die Hard (2007) is a movie where a police officer teams up with a young hacker who managed to sneak into the FBI's Cyber Crime Division. His mission? To escort this young hacker to the FBI. But, of course, they end up joining forces to outsmart the ultimate cyber-bad guy right in the heart of Washington D.C.
Hacker Tactics Demonstrated
- "Virus" is (once again…) a form of harmful software that replicates itself and spreads to other programs and systems.
- "Fire Sale" is an all-out cyber warfare attack that performs a systematic three-stage attack on an entire nation's computing infrastructure.
Tron (1982)
Movie Plot
Tron (1982) is a move about an arcade owner who becomes digitally broken down into a data stream by a villainous software pirate and reconstituted into the internal, 3-D graphical world of computers. Its in the geometrically intense landscapes of cyberspace that he joins forces with Tron to outmaneuver the software pirate that holds them captive in the equivalent of a gigantic, infinitely challenging computer game.
Hacker Tactics Demonstrated
- "Insider Threat" is the malicious (i.e. seeking revenge on a former employer) or unintentional (i.e. falling for a phishing campaign) action that results in data theft, corporate espionage, or data destruction.
The Matrix (1999)
Movie Plot
The Matrix (1999) is a movie about a man leading a double life. By day, he works as an ordinary computer programmer, but by night, he becomes a hacker. His life takes a dramatic turn when he is pursued by the police after being contacted by a renowned hacker, labeled a terrorist by the government. Together, they join the rebellion against the machines, fighting off agents who are, in reality, immensely powerful computer programs.
Hacker Tactics Demonstrated
- "Insider Threat" (yep, again!) is the malicious (i.e. seeking revenge on a former employer) or unintentional (i.e. falling for a phishing campaign) actions by a person who has access to critical systems that results in a data breach or damage to systems.
- "Social Engineering" (yet, again!) is the manipulation of people into performing actions or divulging confidential information.
- "Phreaking" (yep, again!) is the hacking into telecommunications systems using specific tones.
The Net (1995)
Movie Plot
The Net (1995) is a movie about a computer programmer who begins a new freelance job and receives a disc, after which her colleagues mysteriously start dying. Her suspicions grow when, during a trip to Mexico, she is seduced by a charming stranger who is also after the disc. She soon finds herself ensnared in a vast conspiracy that results in her identity being erased.
Hacker Tactics Demonstrated
- "Social Engineering" (dang-it! yet, again!) is the manipulation of people to gain access to systems and data.
- "Spoofing" is the technique of creating a fake website, email or phone number to trick someone into visiting and clicking malicious links.
- "Brute Force" is the method of gaining access to a system by guessing the password through the use of software that guesses thousands of passwords at a time until the right combination of characters is selected.
Hot Millions (1968)
Movie Plot
Hot Millions (1968) is a movie about con artist and embezzler who just got out of prison and replaces an insurance company's computer programmer. He sends claim checks to himself in various guises at addresses all over Europe.
Hacker Tactics Demonstrated
- "Social Engineering" (once again!) is the manipulation of people to gain access to systems and data.
- "Insider Threat" (dang-it! yet, again!) is the malicious or unintentional actions to gin access to critical systems that can result in data or financial loss.
The Italian Job (1969)
Movie Plot
The Italian Job (1969) is a comical movie about a man recently released from prison who learns that one of his friends attempted a risky heist in Italy under the watchful eye of the Mafia. When his friend falls short, he steps in to take over the plan. Using three Mini Coopers, a few Jaguars, and a bus, he aims to bring Turin to a halt, steal the gold, and make a daring escape.
Hacker Tactics Demonstrated
- "Fire Sale" (yes, again!) is an all-out attack on an entire nation's computing infrastructure, including traffic lights, energy grid, and broadcasting networks.
Ferris Bueller's Day Off (1986)
Movie Plot
Ferris Bueller's Day Off (1986) is a movie about a high school student who, wanting to take a break from the mundane routine of school life, devises an elaborate plan to skip school. To ensure his absence goes unnoticed and to avoid any repercussions, he hacks into his school’s computer system and cunningly changes his grades and attendance records, making it appear as though he is present and excelling academically.
Hacker Tactics Demonstrated
- "Password Cracking" is the method of guessing or "cracking" a password.
Algorithm (2014)
Movie Plot
Algorithm (2014) is a movie about a freelance computer hacker discovers a mysterious government computer program. He breaks into the program and is thrust into a revolution.
Hacker Tactics Demonstrated
- "USB Dropping" is when a hacker leaves a seemingly harmless USB drive with malicious software nearby, hoping a victim will connect it to their computer.
- "Worm" (yeppers, again!) is a harmful software that rapidly spreads across networked devices, consuming bandwidth and slowing systems.
Searching (2018)
Movie Plot
Searching (2018) is a movie about a man who becomes desperate when his 16-year-old daughter disappears and a police investigation is futile. Hoping to find clues, he searches her laptop, scours photos and videos, and begins contacting her friends.
Hacker Tactics Demonstrated
- "Open Source Intelligence (OSINT)" is a technique used by both hackers and (in this movie) their victims to gather information, including highly sensitive information, from public websites and resources, like social media, to increase effectiveness of social engineering tactics.
- "Social Engineering" (geez, again!) is the psychological manipulation of people to gain the trust for malicious purposes.
Sneakers (1992)
Movie Plot
Sneakers (1992) is a movie about the leader of a team of experts that test security systems. When coerced by supposed government operatives to steal a highly classified black box, the team becomes entangled in a web of danger and intrigue. Upon retrieving the box, they realize it can decrypt all current encryption systems worldwide, and those who hired them are not actual government agents.
Hacker Tactics Demonstrated
- "Social Engineering" (yes, once again!) is manipulating humans for malicious purposes.
- "Keylogging" is a form of malware or hardware that keeps track of and records your keystrokes as you type to capture sensitive information like passwords, credit card numbers, and other personal data.
Blackhat (2015)
Movie Plot
Blackhat (2015) is a movie about a convicted hacker and his American and Chinese partners that are on the hunt for a high-level cybercrime network to stop a nuclear disaster.
Hacker Tactics Demonstrated
- "Spear Phishing" involves sending a targeted email to a specific person with a malicious link or file.
- "Keylogging" (yeppers, again!) is the act of recording the keys a person types on a keyboard, usually without their knowledge.
- "USB Dropping" (yepper, the good ole USB again) is when a hacker leaves, or in this case plugs in, a seemingly harmless USB drive with malicious software on it.
While Hollywood has done a pretty good job to help the general public understand the potential cybersecurity threats out there, they're rarely as scary as the real world. Hackers are gonna hack. And, no business is too small to be a target. In fact, in 2023 nearly 43% of cyber attacks were specifically on small businesses, not large corporations. Cyber Insurance policies require a level of Employee Security Awareness Training, which is why it's included with Secure Managed Services from Centre Technologies.