This week on the premiere of Mr. Robot, the hacktivist collective fsociety made good on its threat to bring down the evil E Corp. With a few strokes of the keyboard, a USB stick and a little social engineering, the anarchists infected the corporate giant’s banking division with ransomware, locking up thousands of files and closing it for business.
As the character Darlene prepared her malicious code, real hackers watching no doubt chuckled at the familiar words on her screen: “Hack the Gibson…and remember…hugs are worth more than handshakes.” Like so much about the hacking on Mr. Robot, that detail was for them.
It’s a comment in the source code of the real-world toolkit known as Social Engineering Tool. The tool was designed by Dave Kennedy and is used all the time by hackers and security pros to build digital attacks---such as phishing emails that deliver ransomware. The line is an inside joke, paying homage to the movie Hackers and referencing the propensity for Kennedy and social engineer Jayson E. Street to give hugs. Street, in particular, is known for accosting people at hacker conferences and giving them "awkward hugs".
Creator Sam Esmail and staff writer and technology producer Kor Adana are committed to this level of authenticity, and 99.9-percent of the time they get it right. They put as much scrutiny into what the community says about the show as the community puts into critiquing it. "When these episodes air, I don't watch the episodes, I keep my eye on Reddit and Twitter and see what people are saying about it," Adana says.
But it wasn't always perfect in Season 1, and Adana remembers every little mistake. "I think we had a phone that was in airplane mode and it shouldn't have been. And there was the date wrong on some other screen," he says. "And I have the added bonus of Sam, whenever he sees any kind of criticism of the screen, automatically emails me a link or a screenshot asking why it happened."
Adana's background is in cybersecurity: he was a network security analyst and forensics manager for Toyota Motor Sales before getting his first Hollywood gig in 2013 as a production intern. Two years later he scored his dream job with Mr. Robot. In addition to writing scripts, he oversees all technical aspects of the show, ensuring that the hacks are realistic and all the code and tools shown are genuine. His team is composed of professional consultants, and chief among them is Marc Rogers, an old-school hacker who heads information security at Cloudflare. Rogers is well-known for pioneering hacks in the '90s. And last year he hacked Tesla’s Model S. Ryan Kazanciyan, chief security architect at security firm Tanium, and Andre McGregor and Michael Bazzell, both former FBI agents, also help out.
For Season 2, Rogers says, they decided to make the hacks more elaborate. They develop the hacks before an episode's script is even written. "Sam will say … we want Elliot [the title character] to do x, y and z, and [he should] get this piece of information from it and end up at this point in the story," Adana says. He'll then brainstorm possible hack scenarios with Rogers and Kazanciyan.
Rogers and the other consultants had a hand in the smart-home hack that hit E-Corp’s general counsel in the premiere episode. The hack caused all the electronics in her swanky apartment to go haywire---the TV turned on, the climate-control system dropped the temperature to a chilly degree, the water in her shower scorched her, and the lights blinked on and off repeatedly while the stereo blasted and her security alarm sounded. For another, he worked with Adana to hammer out "the kind of encryption algorithm that it would use, ... and what the flaws would be and what the strengths would be," Rogers says.
Once Esmail approves a hack, Adana has to write a detailed breakdown of how it works. If Adana's not familiar with a hack, he asks Rogers to step in. "[Rogers] is my go-to old school hacker; the really really technical screens that are beyond my skillset, I'll go to him for those," Adana says. But Rogers doesn't just describe the hacks; he actually does them. “In the vast majority of cases...I’ll set it up, I'll build it at home, and then I'll demo it. And then usually I'll record it and send the recording to [Adano]," Rogers says. It's a time-consuming process. “[O]ne of them took me two weeks to do. Some of them were so consuming that I literally had to take time off [from Cloudflare].”
All that gets translated into a script and sent to an animator, "who has no idea what any of this stuff looks like or what it's supposed to do" but has to make it look perfect. The animator builds interactive Flash animations for the actors, which accept any input from the keyboard so that no matter what the characters type everything looks right.
"The animation is as stressful as the writing process," Adana says. "Sometimes we're still making changes leading up to the moment we shoot. I'm finding typos or something wrong with the screen, or the timing [of the hack] is wrong, … the spacing on the response after [the actor] types the command is off."
The work that goes into building the hacks is intense, but it's not all drudgery. Just as coders in real life plant Easter eggs in their software, Adana has built them into the show.
One example was the jester image on the ransomware screen this week, a reference to infamous anonymous hacktivist The Jester, who claims to be ex-US military and takes credit for attacks against WikiLeaks, Iran, Islamic jihadists and others. "The nod to the Jester was a fun little shoutout only because Sam and the Jester and myself have had discussions about the show, and he's a huge fan of the show," Adana says.
This season they've also slipped real IP addresses into the hacks, and worked with the marketing department to ensure that when you ping an address you see on the show or click on some of the URLs, you'll actually encounter something on the other end. Esmail, Adana, and Rogers want the show to be authentic to real-life hackers, but interactive for everyone.
