Mr. Robot ‘HSM’ Hack – Fact or Fiction?

For better or for worse, hackers/hacking/cyber security have become a main staple for many popular movies and TV shows. Some of these shows depict computer hacking somewhat accurately, if not for the added dramatic effects to draw in viewers. Other depictions are so outlandish that they don’t even adhere to the most basic rules of technology that the writers probably have in their very own homes.

My personally favorite hacker TV shows and movies include

  1. Person of Interest – an ex-assassin and a wealthy programmer save lives via a surveillance AI that sends them the identities of civilians involved in impending crimes. The intricate story delves into the backdoors of the internet and technology, and questions who the real criminals are—the hackers or police hunting them down.
  2. The Girl with the Dragon Tattoo – the hacking in both the book and the movie are surprisingly realistic in which a Swedish hacker teams up with a journalist to solve the rape and murder of a young girl.
  3. WarGames – while not entirely realistic, it was many of the first hacker films in which a young high school student hacker accidentally hacks into a military supercomputer and starts the countdown to World War III.
  4. The Matrix – because it is the greatest science fiction movie of all time. Depicting a dystopian future in which reality is perceived by most humans is actually a simulated reality called “the Matrix”, created by sentient machines to subdue the human population, while their bodies’ heat and electrical activity are used as an energy source.
  5. CSI: Cyber -the worst kind of hacker depiction on TV today but no less fun to watch. The show features Avery Ryan, a FBI agent and former psychologist, who is in charge of reformed hackers who investigate crimes on the internet together. The show was cancelled after two seasons…wonder why?

However, what I would really like to focus on in this post is the relatively new show, Mr. Robot.

Featuring Elliot Alderson, a cybersecurity engineer and hacker who is recruited by “Mr. Robot”, an insurrectionary anarchist to join a band of hacktivists called “fsociety” to destroy all debt records by encrypting the financial data of the largest conglomerate in the world, E Corp (or ‘Evil Corp’).

In last week’s episode ( we see the hack of a Hardware Security Module (HSM). More specifically, the mission was to backup the HSM which would give access to E Corp’s digital keys and certificates so that the Dark Army could sign malicious UPS firmware. As someone who has worked with HSMs and understands how they work, this particular episode resonated with me. HSMs are like Fort Knox; they are highly secure, maybe one of the securest defenses used within an organization and are usually separated from the rest of the network. In fact, many hardware HSMs require a set of hardware tokens to perform certain sensitive operations. For example, in order to backup the HSM, you would need physical access and multiple hardware tokens to perform actions on it (which in and of themselves are also locked up), an actual HSM—not something you would find at your neighborhood tech store, and well…access to a bunch of other credentials and the know how to use which keys for which action.

The bottom line is that technically, the HSM hack is mostly technically accurate but highly improbable. Compared to a bunch of other hacker shows out there, the fact that the show’s writers devote so much time to the accuracy of the show is impressive.

That being said, real-life hacking isn’t so much fun to watch as it is on TV. While the proliferation of these recent hacker portrayals within popular TV shows and movies can make some sort of social commentary on what modern society has become given the significant impact technology, and more specifically, cyber security, has on our lives, the truth of the matter is that the depiction of Hollywood “hacking” as anything less than a high octane, full body race-against-the-clock is totally fictional—and should stay that way.

Talya Mizrahi

Talya Mizrahi

Talya is Unbound's Marketing Project Manager. Prior to joining Unbound, she worked in marketing communications, brand management and social media at several tech start-ups. Talya excels at getting things done, period. She has a BA from Northwestern University and a MA from the Hebrew University of Jerusalem.

Subscribe to BLOG