The current cyberthreat landscape often seems like a plot straight out of a movie. Real-world attacks have become more powerful and dramatic as malicious actors take increasingly targeted approaches.
In USA Network's "Mr. Robot," fiction meets reality head-on, creating a technical world that brings real-world-style hacks to fictional organizations. To remain successful, the show has to strike a fine balance between remaining technical and driving a plot with twists, turns and colorful characters.
For Ryan Kazanciyan, chief security architect at Tanium and technical advisor to "Mr. Robot," the challenge becomes helping the show runners craft cyberattacks that are technical enough to please industry insiders while also appealing to fans who lack the technical knowledge base. To do so, Kazanciyan builds replicas of what is happening on the screen, duplicating what authentic commands and outputs would look like in a push for accuracy that show runners have sought to maintain.
In a conversation with CIO Dive, Kazanciyan explains how attitudes toward security have shifted at corporate and public levels, illustrating how "Mr. Robot," which has a third season debuting in October, crafts its approach to the world of cybersecurity.
The following conversation has been condensed.
Do you think the attitude toward cybersecurity has increased in a positive way at the board level?
Kazanciyan: I think we've become acutely aware that we're developing software, creating systems and generating data at a faster clip than we can secure any of it. The scale of the problem is only compounding itself. It's growing logarithmically not linearly. This is really at the core of the problem we're trying to solve. ...
Ten years ago no one really talked about targeted attacks or breaches outside of the [Department of Defense] and [federal] space, then it became acutely aware for a lot of folks that there were targeted attacks of all types, both for criminal gain as well as espionage purposes and intellectual property theft and lots of other motivations. ...
It's not just losing PII. It's not just losing healthcare records. It's disruptive or destructive attacks, like ransomware campaigns. It's things that can have significant diplomatic or societal effects, like the [Democratic National Committee] hacks. The range of things where cyber has had a component and [factoring in] the zeitgeist of the news is really expanded a lot.
There seem to be efforts in Hollywood to put cybersecurity incidents on screen. Do you think that's in part driven by the shift toward public awareness of hacks and large-scale breaches?
Kazanciyan: I feel like the show reflects reality and then reality ends up reflecting on the show. Meaning, some of the story lines in real life of the hacks that we've seen in the past two years would be perfectly fitting in a science fiction-esque story about hacking if you didn't know better.
Reality is scary enough on its own. I think shows like "Mr. Robot" just capture that feeling because it's believable and real. It's exactly what people are encountering in their day-to-day lives. You can't really go a week without reading something in the news that feels like it came out of a plot line in the show.
When you're advising, there are things that get way too technical to portray on television. How do you ride that fine line of making cyberattacks understandable and flashy at the same time?
Kazanciyan: Kor Adana — the writer and producer [of "Mr. Robot"] that I work with — and I spend a lot of time crafting some of the script and dialogue to try to address that gap. Meaning, to have things discussed and mentioned in a technically accurate way, but still not make it completely inscrutable.
It's not always easy to find that line but I think they do a really good job of making sure that the scene and context around it is illustrative enough so that you can get the general idea of the beats of the story, even if you don't know the technical details.
Conversely, we have a very keen mind to ensure that the people who are technically-minded are finding that it remains accurate because we have viewers that will pause the screen every time that there's a computer screen up and line by line look at it and be like, 'is this real and is it legit.' So it needs to stand up to that.
When we actually build the screens out, one of the things I do is actually build replicas of what's occurring in the scene, like with a virtual machine, and run through it. A lot of times what you'll see shown on screen there is actually exactly what the tools would look like or the commands would look like or the output. We really, really strive hard for accuracy and spend weeks and weeks on some of those shots that you only see for a couple of seconds to make it right.
People are getting better at how technology is portrayed and there actually is a desire from the audience to see accuracy. That accuracy can create a following for the show. With the technical aspects of the show, do you ever think it's too much, does material become too technical for a wider audience?
Kazanciyan: I think that comes from the push and pull of us working as a team. I am expected to be the voice that will push for the technical accuracy and I always try to temper my feedback to the notion of, 'yes, this is a TV show.' I always try to streamline wherever possible, like omit the unnecessary details and just get from point A to point B as cleanly as possible.
But then on the flip side of it, Sam [Esmail, the creator of "Mr. Robot"] has a really distinct vision for the show and so there's this healthy debate that always goes on with 'here's what we want to show and here's how we want it to work.'
The hacks and the technology fit a broader story. It's not like they're just there for fan service. I think because they always fit into the context of something, and they're not shoe-horned in, that it helps prevent it from sticking out and becoming this weird distraction from the overall flow of the show rather than a complement to how the story is progressing.
Consumers don't necessarily assess their devices for security and instead prioritize functionality. Do you think shows like "Mr. Robot" could help shift that narrative? What is going to really drive change to personal cybersecurity habits?
Kazanciyan: I feel like it's definitely something, because of its strong foothold in popular culture helps. But I think that the real influence for change comes from the cumulative effect of everything. It's the stories in the news every week. It's not just going to come from one place.
That being said, what I want to see is for vendors themselves to work to build solutions that are more secure by design and by default and not put the onus on users to do the right things. It's funny, because I think that's true in the consumer space, but it's as much if not even more so true in the corporate space because you see the exact same thing in corporate environments.