Wow! We’re still catching our breath after Wednesday’s episode of Mr. Robot. On top of the intense “one-shot” cinematography and the frantic riot taking place outside the E Corp building, Episode 5 included several hacks for our CTO Corey Nachreiner to analyze in his weekly Mr. Robot Rewind column on GeekWire.
This episode was set over the course of one Monday morning at E Corp, in which we saw Elliot using real-life Kibana dashboards to monitor traces of the Dark Army’s efforts against E Corp, complete with details that realistically illustrate how hackers move laterally through a network and steal credentials after an initial breach. Elliot also attempts to socially engineer his way into using an elderly coworker’s computer, only for his attempt to backfire when she turns out to be a security ninja (you go Ellie!).
But the centerpiece of this episode was Angela’s thrilling and successful mission to backup E Corp’s hardware security module (HSM) so the Dark Army could move forward with the Stage 2 attack. Unfortunately, this sequence of events raised a few red flags for Corey, despite all the technical accuracy. Here’s an excerpt from the article discussing this hack:
From a technical level, I think it’s right on. The steps shown are right, they account for all that is needed for the HSM backup process, and the result gives the Dark Army what they need. However, I feel like there are some narrative problems with this scene that make the whole heist improbable, especially in this time frame. Though Elliot did find evidence of how the Dark Army might have obtained some of the things needed for this hack, it doesn’t account for how they obtained the more difficult credentials like the par login, and remote PED pin…More importantly, it would be very rare for two important security tokens to simply be left where Angela found them.
The major information security takeaway this episode? Don’t leave multi-factor authentication hardware tokens laying around like E Corp’s CSAT team did!
Photo Credit: USA Networks