Hackers and Cybanetix: replacing old-school graphics and floppy disks with modern cloud-based solutions
In 2023 alone, ransomware attackers extorted a record-breaking $1 billion from their victims. The outlook is similarly bleak for 2024. Just in June, we saw an attack on NHS Trusts in London that caused hundreds of appointments to be cancelled and an attack on CDK Global that’s forced thousands of car dealerships to pause operations.
Wind the clocks back to 1995 and ransomware was a big enough threat that it inspired a movie: Hackers. The cult-classic sees computer security officer Eugene Belford—a hacker known as The Plague—plant a virus designed to defraud his employer, Ellingson Mineral Corporation.
The Plague is thwarted by a group of high school hackers who remove his viruses while dodging Secret Service agents.
Psychedelic graphics aside, the attack methods used in Hackers are fairly realistic and ransomware and malware are certainly real threats. But – luckily – technology has advanced beyond plucky teenagers as the best line of defence.
Let’s revisit the film with modern defence tools and see if we can stop The Plague’s attacks before they cause any harm.
The Scene:
A US Secret Service Special agent reads from the Hackers Manifesto.
The Rewrite:
The Plague’s malware is detected before Joey accidentally discovers it.
“Yes, I am a criminal. My crime is that of curiosity.”
Joey hacks into a supercomputer and downloads a file to prove he did it. Unbeknownst to him, he’s stumbled upon the malware file planted by The Plague who covers his tracks by accusing Joey of planting the virus. Thus begins the plotline of Secret Service agents chasing teenage hackers and raiding their bedrooms. They’re desperate to find the source of the malware but they’re focussing their attention on the wrong people.
The real threat is already inside Ellingson – Eugene aka The Plague.
Instead of a cat-and-mouse game, SentinelOne’s threat-hunting tool, WatchTower, would enable Ellingson’s own security teams to proactively search for and neutralise hidden threats within their environment, reducing the risk of a successful attack.
Emerging threat coverage – enables you to adapt and respond to advanced persistent threat (APT) campaigns as they unfold with proactive hunting and intelligence.
Deep-dive hunts and assessments – identify every relevant risk factor to your business, from active or historical indicators of attack to risky internal practices.
Designated hunting support – provides a threat hunter dedicated to your security team and backed by SentinelOne’s experts.
The Secret Service wouldn’t even need to be called in.
The Scene:
The Plague launches the Da Vinci ransomware virus.
The Rewrite:
An Extended Detection and Response (XDR) solution identifies the malicious code and takes immediate mitigation steps.
“There is no right and wrong, there’s only fun and boring”
At this point in the film, The Plague’s blame-game has been working – no one suspects him, and his decoy virus has worked. He launches his ransomware which reads, “unless five million dollars are transferred to the following numbered account in seven days, I will capsize five tankers in the Ellingson fleet.” Arrest warrants are issued for Dade and crew.
The ransomware is out there; it’s now a matter of figuring out how to prevent any damage and avoid paying the ransom.
An advanced XDR solution, like SentinelOne’s Singularity Platform, neutralises the threat by deleting the code’s source, killing all relevant processes, quarantining suspicious files, or disconnecting the afflicted endpoint from the network altogether.
Identify threats – with visibility across the entire organisation you can detect attacks emerging from all managed or unmanaged systems on any OS, from any device type – including IoT and operational technology (OT).
Halt credential harvesting and theft – by feeding false credentials to lure attackers into engaging and revealing themselves.
Cloak, deflect and protect – your systems and data by hiding and denying access to local and cloud-stored data while simultaneously making lateral movement exceedingly difficult for attackers.
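To make the “false credentials” idea in the list above concrete, here is a small added example written for this page (not SentinelOne’s or Cybanetix’s software): a Python monitor that scans authentication log lines for any use of planted decoy accounts. Because no legitimate person or service ever logs in with a decoy, a single hit is a high-confidence signal that someone has harvested credentials from the host. The account names, host name, IP addresses and log lines are constructed, and the log format is a simplified sshd-style line.

```python
"""Decoy-credential ("honeytoken") detection over authentication logs.

Added example for this article, not vendor code. A defender plants accounts
that nothing legitimate ever uses; any authentication attempt with one of them
is treated as an alert, and a successful login as a critical one.
"""
import re
from dataclasses import dataclass

# Constructed decoy accounts: never used by real people or services (assumption).
DECOY_ACCOUNTS = {"svc_backup_legacy", "ellingson_admin_old"}

# Constructed sample log lines in a simplified sshd-style format.
SAMPLE_LOG = """\
Jan 10 02:14:01 gibson sshd[1201]: Accepted password for dade from 10.0.0.12 port 51022
Jan 10 02:15:44 gibson sshd[1207]: Failed password for svc_backup_legacy from 10.0.0.99 port 40311
Jan 10 02:15:47 gibson sshd[1207]: Accepted password for svc_backup_legacy from 10.0.0.99 port 40311
Jan 10 02:16:02 gibson sshd[1210]: Accepted publickey for kate from 10.0.0.15 port 51100
Jan 10 02:20:30 gibson sshd[1222]: Failed password for ellingson_admin_old from 10.0.0.99 port 40350
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3} +\d+ [\d:]+) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<outcome>Accepted|Failed) (?P<method>\w+) for (?P<user>\S+) "
    r"from (?P<src>[\d.]+) port \d+$"
)


@dataclass(frozen=True)
class Alert:
    timestamp: str
    user: str
    source_ip: str
    outcome: str
    severity: str


def classify(outcome: str) -> str:
    """Any touch of a decoy is suspicious; a success means a foothold exists."""
    return "critical" if outcome == "Accepted" else "high"


def find_decoy_use(log_text: str, decoys=DECOY_ACCOUNTS) -> list:
    """Return one Alert per log line in which a decoy account was used."""
    alerts = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # unrelated or malformed line
        if m["user"] in decoys:
            alerts.append(
                Alert(m["ts"], m["user"], m["src"], m["outcome"], classify(m["outcome"]))
            )
    return alerts


def sources_to_contain(alerts: list) -> list:
    """Source addresses an XDR playbook would isolate: anything that touched a decoy."""
    return sorted({a.source_ip for a in alerts})


if __name__ == "__main__":
    found = find_decoy_use(SAMPLE_LOG)
    for a in found:
        print(f"[{a.severity}] {a.timestamp} decoy '{a.user}' used from {a.source_ip} ({a.outcome})")
    print("contain:", sources_to_contain(found))
```

The point of the design is the zero false-positive rate of the signal: ordinary failed-login noise from real users (Dade, Kate) is ignored entirely, while the two decoy names produce three alerts from one source address, which is then handed to the containment step.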
With these defences at their disposal, the following scene would be obsolete.
The Scene:
Dade and the hackers download the file containing the worm.
The Rewrite:
Automatic remediation rapidly removes the threat.
“Mess with the best, die like the rest”
Hackers around the world help distract The Plague for long enough that Joey can download the file containing the worm, successfully putting an end to the attack.
Instead of needing to download and remove a file to put an end to a security breach, SentinelOne can automatically remediate affected systems, removing the threat and restoring the system to its pre-attack state.
Autonomous, machine-speed protection, detection, and response mechanisms detect and contain suspicious activity at the endpoint level.
Identify malicious code with very high specificity and take immediate mitigation steps, stopping the attack the moment it starts – before threat actors can access their desired targets – whether executed from local memory or remotely.
Turn back the clock and restore all assets and configurations to their original state before the attack, enabling a speedy recovery and ensuring complete business continuity, regardless of how wide and deep the attack hit.
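To show what “turn back the clock” means in practice, here is an added Python example written for this page (not SentinelOne’s rollback implementation, which works at the volume and driver level rather than on individual files): it takes a content snapshot of a directory, detects files that were altered, added or deleted afterwards, and restores the pre-attack state. The directory layout, file contents and the simulated tampering are all constructed inside a temporary directory.

```python
"""Snapshot, diff and rollback of a directory tree.

Added example for this article, not vendor code. A snapshot records every
file's SHA-256 and content; after tampering, diff_against() classifies the
damage and rollback() restores the tree to the snapshot.
"""
import hashlib
import tempfile
from pathlib import Path


def _digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def take_snapshot(root: Path) -> dict:
    """Map relative path -> (sha256, content) for every file under root."""
    snap = {}
    for p in sorted(root.rglob("*")):
        if p.is_file():
            data = p.read_bytes()
            snap[str(p.relative_to(root))] = (_digest(data), data)
    return snap


def diff_against(root: Path, snap: dict) -> dict:
    """Classify the current tree relative to the snapshot."""
    current = {k: v[0] for k, v in take_snapshot(root).items()}
    return {
        "modified": sorted(k for k in snap if k in current and current[k] != snap[k][0]),
        "added": sorted(k for k in current if k not in snap),
        "deleted": sorted(k for k in snap if k not in current),
    }


def rollback(root: Path, snap: dict) -> dict:
    """Restore modified/deleted files from the snapshot and remove added ones."""
    changes = diff_against(root, snap)
    for rel in changes["modified"] + changes["deleted"]:
        target = root / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_bytes(snap[rel][1])
    for rel in changes["added"]:
        (root / rel).unlink()
    return changes


def demo() -> dict:
    """Constructed scenario: snapshot, simulate tampering, roll back, re-check."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "fleet").mkdir()
        (root / "fleet" / "tankers.csv").write_text("name,ballast\nGibson,ok\n")
        (root / "readme.txt").write_text("Ellingson Mineral Corporation\n")
        snap = take_snapshot(root)

        # Simulated tampering: one file overwritten, one dropped in, one removed.
        (root / "fleet" / "tankers.csv").write_bytes(b"\x00garbled\x00")
        (root / "READ_ME.txt").write_text("constructed ransom note\n")
        (root / "readme.txt").unlink()

        before = diff_against(root, snap)
        rollback(root, snap)
        after = diff_against(root, snap)
        restored = (root / "fleet" / "tankers.csv").read_text()
        return {"before": before, "after": after, "restored": restored}


if __name__ == "__main__":
    result = demo()
    print("damage found:", result["before"])
    print("after rollback:", result["after"])
```

The snapshot is taken in memory here to keep the example self-contained; a real product stores the pre-change data out of reach of the attacker (a protected volume or shadow copy), since a rollback store the ransomware can also overwrite is worth nothing.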
Lessons from 90s nostalgia
As fun as it is to see a group of teenage hackers take down a bad actor, the technology available today would have stopped The Plague before the teenagers needed to get their rollerblades out.
Suspicious activity would be identified by threat-hunting tools and, if a breach did happen, the threat could be removed by an Extended Detection and Response (XDR) solution and remediated automatically.
But it’s always good to remember that attacks can come from anywhere – inside and outside your organisation. And if your system can be hacked by teenagers, it’s probably time to upgrade your security.
