The Great Hack

It would appear that the furore over Facebook / Cambridge Analytica and manipulation of elections hasn’t died down that much. I recently watched a documentary on Netflix called The Great Hack, and I’d recommend that you do too, if you can.

The programme provided a lot of the backstory to who was involved, how and when, as told by some of the people who were there. This included:

  • Brittany Kaiser was the Director for Business Development at Cambridge Analytica, and had previously worked on Barack Obama’s presidential campaigns.  She comes across as very naive at times, though towards the end of the show it becomes obvious that the penny drops and the seriousness of the situation is made apparent;
  • David Caroll, a professor who not unreasonably asked for a copy of all data that Cambridge Analytica held on him.  If not for him, the whole situation might not have escalated as it did;
  • Julian Whitehead, the former CFO at Cambridge Analytica. I was concerned at how little he seemed bothered by the morality of what was carried out by his company; and
  • Carole Cadwalladr is an investigative journalist at The Guardian and Observer newspapers in the UK.  She did a lot of the digging and legwork, trying to find people who would and could talk to her about things that had gone on.  Carole was the reporter who broke the news, and who continued to find and release fresh information as time went on.

Perhaps the most shocking aspect of the programme was the revelation that Cambridge Analytica had been involved in some way in elections around the world since the mid-2000s.  There was an expose of how their work influenced the elections in Trinidad and Tobago which showed how manipulative Facebook posts could be, as well as discussions of how the same techniques were used both for the Brexit campaign and for Trump’s election in 2016.

It was notable that Alexander Nix, the former head of Cambridge Analytica, declined to be interviewed, and also that Julian Assange / Wikileaks should be a part of the story. I didn’t know until I watched this that Steve Bannon, erstwhile Strategist at the White House under Donald Trump and former executive chairman of Breitbart news was a cofounder of Cambridge Analytica, or that Nigel Farage was closely linked with him.

It’s worth checking out Carole Cadwalladr’s TED talk in Silicon Valley, where she asks the heads of the big tech companies whether they are happy with the world they are creating. She suggests that it is now impossible to have a free and fair election because of abuse of their technologies.

She illustrated this ably by talking to people in South Wales to ask why they voted for Brexit: many had said they worried about immigration (she also spoke to someone who thought they were the only immigrants in the area), while others said the EU had done nothing for them yet they were surrounded by construction and facilities paid for by well advertised EU funding.

I’ve mentioned the perils of taking part in online quizzes and personality profiles “for fun” on Facebook. This documentary provides the evidence of how that information can be harvested and used to target specific people – never mind groups – who are deemed to be persuadable and who can swing an election result one way or another.


Cyber viewing

Just as my recent post focussed on a selection of books related social engineering and the psychology behind cyber crime, this post will look at a range of films, documentaries and TV shows which offer insight into the industry. They’re not intended to be a definitive list, and there are many great examples which aren’t included here, but you’ll get the idea…

So, what do we have in this little collection? All 3 series of Lie to Me basically dramatise the work of Paul Ekman, deailing with microexpressions and what they tell us. Ekman was actually a consultant on the series, so you’d have to hope that a lot of what it tells us about the science is true.

Catch Me if You Can is the film of the book by Frank Abagnale, starring Tom Hanks and Leonardo DiCaprio. It’s quite a good adaptation, but I have to say I think the book is much better. They both document Abagnale’s exploits as a teenage con artist who spent time variously as a pilot, doctor, teacher and lawyer. He was eventually caught by the FBI and became a valuable resource to them and financial institutions, explaining how fraudsters operate and helping to develop ways of making counterfeit banknotes more difficult.

CSI: Cyber follows the same format as all the other CSI series, but focusses on a crack cyber team which includes some former black hat hackers. There are some really interesting (and realistic) scenarios brought to life in both series.

Sneakers and Hackers are both well known in cyber security circles, though quite dated now. Mr Robot is the current favourite for some of my colleagues, who tell me it’s pretty realistic in many respects.

Citizenfour is the real documentary telling the tale of Edward Snowden’s breach: at the time it was filmed the only people who knew it was happening were in the room. Snowden is a dramatisation of the events leading to Snowden making the decision to leak the documents.

We Steal Secrets is the story of Julian Assange and Wikileaks. After watching this and Citizenfour you’ll have a much clearer idea of the scale of data theft and the personalities behind two of the key people who have been maor players over recent years.

Honourable mentions have to go to a couple of films missing from my shelf. Spectre and Skyfall are the two most recent 007 James Bond films, and they both give a good idea of the art of the possible these days. Spectre in particular should ring alarm bells when you see that many governments want to share data with each other.

Die Hard 4.0 is a bit tongue in cheek, but if you think of the story with nation states involved rather than terrorists then it is also (allegedly) possible in parts. Just think of the instances where Ukraine has lost its entire power supply from time to time, or when every Estonian government department was offline for several days and you’ll see that it’s already happening (probably).

What other films or shows have you come across? Are there any you’d recommend?