It’s a well-known fact that TV shows and movies pride themselves on their complete and total accuracy when it comes to portraying historical events, illnesses, or jobs. That’s how we know that everyone in olden times spoke in British accents no matter what country they were in, people with tuberculosis casually cough up blood while otherwise carrying on as normal, and all doctors wander about in form fitting scrubs with only one patient to treat—right? In truth, we know that some liberties must be taken for the sake of keeping things exciting, and white and black hat hacking is no exception to this rule. That said, there are certainly shows and films that veer only slightly from realism, while others leave it firmly in their rear-view mirror, to the point where we question if they’ve ever turned on a computer. After careful study of this growing genre, we’ve assembled a list of hacking tropes that occur regularly.
1. Graphical User Interfaces
The dynamic visuals of hacking movies are stunning…ly inaccurate. This is by far the most common trope in all hacking portrayals, and for good reason: real hacking is not interesting to look at and it can even make a hacker’s eyes bleary. Have you ever been in a collaborative Zoom meeting where someone is sharing their screen of them typing up notes in real time? That is about the same level of thrill that could be derived in a realistic hacking scene, which is almost exclusively command line.
However, some renderings of hacking are far more questionable than others. The iconic Swordfish hacking scene and any other instance in which code is portrayed as a random 3D image just defy logic. Of course there are instances in which seeing data in a visual form may be helpful, but this is the equivalent of compiling a list of bank routing numbers and saying to yourself, “You know, I actually think this would be more clear if I used these sequences to create a paint by numbers picture of a giraffe eating some leaves.” And of course, there is the infamous Criminal Minds scene in which a character exclaims, “Her GUI is mindblowing!” as the camera zooms in on random images that depict neither hacking nor an interface. By that logic, we could go around a museum and gasp in astonishment at Picasso’s mindblowing GUIs.
Criminal Minds hacking scene:
2. High Speed Hacking
It is a requirement of any and all articles discussing hacking portrayals to bring up the scene from NCIS. You know the one we’re talking about. The one where the hack is not only happening in real time, it’s occurring SO fast that one set of hands on the keyboard simply will not suffice, so another member of the team hops on and smashes keys as well, because we all know it’s not what you type, it’s how fast you type it.
There could be a PhD length dissertation on what is wrong with this scene, but we’ll focus on two key issues.
First, while there are tools that do speed up the process, for the most part, breaching a system takes time, especially if it’s well protected. TV shows like Chuck have used this trope to show off the skills of the hacker, but an efficient breach is more an indication of a weak system than it is a sign of a prolific hacker. These scenes also tend show an enormous amount of data being generated, with pop-ups galore or data scrolling at a lightning pace, all of which must be completely superfluous because the hacker sure isn’t reading it—they’re busy rapidly typing code that they have, of course, completely memorized.
The other issue is how hackers seem to be completely okay with their presence being known, or even take a certain amount of joy in declaring it. A talented real-life hacker prioritizes stealth, which enables them to remain in an environment for much longer and either steal more sensitive information or fully exploit the infrastructure. Even ransomware attacks don’t send out ransom notes until after they’ve stolen or encrypted data. Scenes like the one from NCIS make it seem like a digital duel, when it’s far more similar to hide and seek. If someone loudly declares, “I’M RIGHT HERE BEHIND THIS TREE,” they’re simply not a very strategic player.
Lastly, we know we gave NCIS a hard time, but we are all about knowledge sharing, so just in case they were on to something, here’s the code they used to stop their hack:
Sdfkl8;a’opwearkdvkl,zfm;WLP:>{“5?RESdlskdgflk2dsfghmkml,ertg789234jklmfjiklsdf9op3q2490dbfjklm
You’re welcome.
NCIS hacking scene:
3. Progress Bars
Hollywood cannot get enough of displaying how far along a hack is in the form of a progress bar, seen in everything from Castle to Mission Impossible. There are only two small issues here. First and foremost, you can’t measure how close you are to hacking someone. It’s like saying you’re 78% allergic to wool—you either break out into hives or you don’t. While you can have different levels of access and control once inside a system, in terms of initial entry, you can only be on one side of the door or the other.
Secondly, what system would have a percentage bar like that in the first place? If it’s only on the hacker’s side, how does that help them? It’s not providing a time estimate, so it won’t give them a sense of how much longer it will take. If it’s generated by the system being hacked, why did you invest in a program that can tell you how hacked you are instead of software that could do something about it? That is a depressingly defeatist attitude for an application to have. On the other hand, if it’s being generated from the hacker’s side but can be seen by the individual being hacked, why are they giving them a heads up? Last we checked there wasn’t a hacker code of ethics that dictates you have to be sporting about it and give your victim a fighting chance.
By the way, if you were wondering, you’ve completed 56% of this blog thus far.
Mission Impossible hacking scene:
4. Technobabble Posing as Jargon
He’s using a virus to backloop his way through the firewall to access the PHP drives on the VPN servers! If I can decrypt the rootkit and override the cloud protocol, I should be able to isolate the IP address.
In terms of professions portrayed on film, erroneous hacking jargon is probably as common as misused medical terms. In countless TV shows and movies, the hacker’s dialogue seems to be entirely composed of words that came up in a google search for “computer-y terms.” It makes sense to enliven hacking with more visual elements, but would it hurt to throw in even a small sentence that includes a process that actually makes sense? We’re not fussy, it doesn’t even need to be related to hacking! It could just be something like, “data is being transmitted with a packet routing network that’s using IP addresses and Transfer Control Protocol.” Is that a basic description of how the internet works? Yes. Like we said, we’re not picky.
It is worth mentioning there is a rumor that TV shows use inaccurate terminology on purpose in order to irritate experts. If this is true, well, then, touché.
5. Unconventional Hacking Mediums
Hacking techniques are getting increasingly sophisticated, but Hollywood seems determined to make them even more so. There is the classic example of uploading a virus into an alien spaceship in Independence Day, because aliens are known for being fastidious about having technology that’s compatible with a planet they’re targeting. They’re attempting to take over Earth, not make you migrate from your iPad—they’re not monsters.
However, our personal favorite is a scene from the TV show Bones. Two characters are scanning skeletal remains into their trusty computer, the Solve-a-Crime-a-Tron 5000, which obviously comes standard with skeleton scanning capabilities. All of a sudden, the computer glitches and instantly bursts into flames. Upon investigation, they discover the culprit is malware that has been etched into, you guessed it, a human bone. The malware had deactivated the computer’s fans, and it’s scientifically proven that all computers will catch fire within 10-20 seconds of its fan turning off. That’s just a fact.
Given the damage that real life breaches have caused—gaining control of a nuclear reactor, taking down a major fuel pipeline, and causing an internet outage that affected North America and Europe—it’s sort of unnecessary to raise the stakes, don’t you think? But if you know someone who can hand carve a virus into a banana, let us know.
Independence Day hacking scene:
What Movies and TV Shows Get Hacking Right?
If we’re being totally honest, none of them get it 100% right. Some shows and movies have certainly strived for far more accuracy than others. Mr. Robot is regularly lauded as one of the best portrayals, as it avoids almost all of these tropes and uses realistic scenarios. For example, the ease with which the main character hacks into his medical records to change a test result is explained by pointing out that many hospitals have older systems with known weaknesses—which has been the case for actual breaches. There are other instances in which the portrayal may be inaccurate but the premise is plausible. For example, The Italian Job has a hacker who is able to gain control of traffic lights. Many traffic lights are run on SCADA systems, which have been breached, so this scenario isn’t outside the realm of possibility.
Sneakers is certainly one of the most prophetic movies about the power of hacking. Made in 1992, the adversary warned, “the world isn't run by weapons anymore, or energy, or money. It's run by little ones and zeroes, little bits of data.” As technology marches forward, this is becoming ever more accurate. So while ridiculing movies is a great pastime, at the end of the day, it’s good to see any portrayal of hacking in movies, as it helps to bring awareness to the dangers that breaches can pose.
Sorry, that is a real downer of a blog ending. Is this why we don’t get invited to dinner parties?
Mr. Robot hacking scene:
Want to know how <i>actual</i> experts handle cybersecurity threats?
Check out the 2024 Penetration Testing Report to learn about trends, tools, and concerns of cybersecurity professionals.
