BY ALICIA LUTES
Hacking in television and movies is nothing new: it’s been going on since the 90s and it’s likely never going to stop being a presence in our entertainment lives (probably because it’s only going to increase its prevalence in our regular lives). Sorry to break it to you, folks, but the dealings in the past season of USA Network’s Mr. Robot have proven as much: we’ve never been more vulnerable. Which is, perhaps, one of the many (and we mean many) reasons why Sam Esmail’s brilliant show has captured our imagination with such an incredible ferocity.
But it’s not easy to create a show as visceral—and authentic—as Mr. Robot without a little bit of help from someone who knows what’s up. So we hopped on the phone with one of the series’ technical consultants, Michael Bazzell, with hopes of better understanding the feasibility and authenticity behind the hacks, their relation to what’s going on in the world right now, and just how real the characters doing them are to those he’s met.
Although we’re going to be honest: we’re not entirely convinced Sam Esmail isn’t just orchestrating the lot of ’em as one big viral marketing campaign for the series. (We’re kidding. Mostly/kinda.)
Please note, this interview contains spoilers for the finale of Mr. Robot‘s first season.
Nerdist: OK, so I’m sure you’ve been hearing this ad nauseum now, but the hacking on the show is done really well: I’ve never seen such an accurate and well-executed portrayal maybe ever. How’d you get involved?
Michael Bazzell: Well, I was in law enforcement for 18 years, and during those years I was with the FBI Cyber Crime Unit; I dealt with computer intrusions, hacker cases, pedophile cases, and all of those things that a typical person in that realm would do. I started teaching a lot of this and amassed some corporate clients, teaching them about computer crime, open source intelligence, and basically through several layers of connections, I was asked if I would be interested in working with a television show about hacking. At first I was kind of resistant to that, because I, too, have seen a lot of television shows about hacking that are a little far-fetched and don’t really portray accuracy. But after great phone calls with Chad Hamilton and Sam Esmail, I was ready to do whatever it took to be involved with the show because they pointed out right away that accuracy was vital to the show, and they would not sacrifice any accuracy for story or plot. Once I heard that, and I heard how intent they were on making it real to life, I knew I wanted to be involved right away. I was the one begging to be involved not the other way around.
N: So what’s your involvement with each episode?
MB: So there are so many people involved in this, and I want to be very clear that I am NOT the only technical consultant. There’s a man named Kor Adana who does a lot of consulting on set and he is vital to all of this, but my role has been one of I get to see the script in its very early versions and my first job is to identify any technology in the script that would not be plausible; anything that would stick out that just wouldn’t seem right, or that a tech savvy person would roll their eyes at. At that point—once that was discovered—my role then became to come up with better ways to do it, to come up with ways that might be more realistic, or come up with hacks that might be the more in line with how character would have done something versus the way that it was originally presented. Sometimes the job is to come up with replacements, because there’s been a few times where there’s been technology in a scene that was not possible, and now the job is to come up with something that will work that would be realistic.
N: It must be fun to reverse engineer that stuff.
MB: Absolutely! My favorite part is when there’s an A-point and a B-point and I’m asked, “How do we get from the A to that B point? What hacking needs to happen in order or what technology would be used to get from A to B?” That’s my favorite part, coming up with those type of things that I would expect to see a real hacker do.
N: Something that really struck a chord with me and watching Mr. Robot, is how game-changing hacking is for warfare in the same way that the nuclear bomb was in 1945.
MB: you know as a society, we have come to rely on technology for absolutely every facet of our lives. Everything we do in life involves technology somehow: I don’t care who you are, there is still something involving technology [in your life]. Because of this, we have created the opportunity for hacking—an opportunity to devastate things in our lives because we rely on it too much. 60 years ago we didn’t rely on technology: heck, 20 years ago we probably didn’t rely on technology as much as we do now! Whether you know it or not technology is running your credit report, it’s running your finances, it’s running the database of the lender that owns your home. It is this new avenue that things can be devastated by when they are applied to the world of technology and databases and data mining. So I agree with you, we have this whole new area that I don’t believe the general public is prepared for, and I don’t think or believe that the private sector is truly prepared for this. And I think the proof of that is in if you just look at the daily breaches everyday.
N: It’s added a layer of paranoia to things like privacy that—up until this point—we simply took for granted, when in reality we’ve opened up this whole new channel for potential violation in our lives.
MB: Well, you are definitely preaching to the choir [laughs], I wrote two books: one is called Open Source Intelligence and Techniques, where I teach people how to find practically anything about anyone on the Internet. And the other one is the opposite, called Hiding from the Internet, where I show people how to stop providing intimate details about themselves and their lives on the internet. So I definitely sit in the paranoia camp with you on that. I don’t believe privacy is dead, I just think it takes a lot of discipline and a lot of knowledge and skill to properly have the privacy that you desire. And that’s something I definitely think I can relate to Elliot with because he doesn’t use a lot of social networks and he doesn’t put himself out there and I’m kind of the same way. And I know Sam is the same way as well.
N: Speaking of Elliot, what do you think about him and his profile as a hacker?
MB: Well, I think it’s very typical. I worked—when I was in the government—with hackers a lot, but now that I’m not working with the government I’m working with hackers now more than ever before, and Sam really get to see the true side of their personalities. [In my current work], I get to find out who they are as people [rather than] as a case number, and I think that the character of Elliot is spot on in comparison to the personalities of the people that I meet now—including hackers on both sides of the law. There’s such a misconception about hackers, but the big one is that everyone thinks hackers are evil misfits, and that’s not true in all cases. Hackers are and do a lot of good: if it weren’t for all the hackers exposing information, no one would better protect that information. The majority of hackers are extremely ethical, and they announce their findings and they do all the things they should do, but sometimes companies still ignore them. That gives them no other option then to say, “OK, tell the world that there is a problem,” and that makes the companies ultimately go fix the problems.
When I was with the government I definitely think I was a little bit more on the side of “you shouldn’t be doing bad things,” but I now kind of understand that some hackers are doing things that may be kind of illegal, but they do have real intent and they believe that what they’re doing is the right thing. Now, I’m not saying or justifying a lot of criminal acts—I don’t want it to appear that way—but there’s something very relatable about Elliot. He may be breaking into these networks, but he’s trying to do it for good; he’s doing it to either help someone or with good intentions, and I think that sometimes there is a gray area of what should and should not be prosecuted.
N: And that brings me to what happened in the finale: how feasible is something like that and on that scale, to pull off?
MB: Well first, I hope that after seeing this episode, people and companies reevaluate what their situation is with back-ups and with their data. As far as realism, I think it’s very realistic. Now I think one thing we have to always acknowledge is on a television show you only have so much time: we have 44 minutes per episode times 10 episodes—that’s not a lot of time, and obviously it would take much more time to do that. But could an elite hacking group conduct what was conducted in season one? I think absolutely.
I think the only proof I would need to quantify that is look at the OPM Hack; look at what China was able to pull off. Basically, they acquired probably some of the most sensitive data our country has ever held and they had no problem getting it—and they’re probably still in the systems. So as far as, “Is this possible?” Yeah I absolutely think it’s possible, and hopefully it’s a wake up call for a lot of businesses about protecting their data. If you have a security company telling you that you’re 100 percent protected, you should fire them because no one is 100 percent protected. In every breach we see, the the players in that breach have been browsing around that data for months at a time, executing the perfect attack and they pretty much have had free reign of the servers and systems. I include OPM, I include Ashley Madison, I include all those attacks in this statement. So I think companies need to get better at detecting them and this type of injury because it doesn’t happen at 2AM on one night: this is happening over the long term.
N: Have you talked to any hackers about the show? What they think about it?
MB: Actually, I just got back from DevCon and Blackhat, and I have a lot of friends in the hacking and network security communities, and the response has been very positive. There’s always a few complaints about some minor glitch in a show of this size, but the response [overall] has been amazing, crazy positive. Everyone of course has ideas where they think season two should go but that’s up to Sam: I have no idea where season two is going but I hope to find out.
N: Well it seems like the one thing that’s undeniable is that the hacks are going to have to get even more complicated as the show progresses. We saw B.D. Wong in that post-credit sequence clearly involved with some—for lack of a better term—weird Illuminati group that seems to be controlling things, so to circumvent that I can only imagine what would have to happen.
MB: I’m hoping to meet with Sam and his crew soon to see how involved I can be in season two; I hope I can. Because I think you’re right, it’s not like a hacking show like this can just replicate what they did in the first season as far as the technology goes. But fortunately, because technology changes so often, I don’t think a show like this will ever be out of ideas for hacking.
N: And the timing on this show has been incredible. I mean that Ashley Madison hacked happened like, a week before they sent out the finale screener to us. I’m waiting for Sam, at the end of the season, to pull off some mask and reveal he’s been pulling the worldwide hacking strings this whole time.
MB: That’s one of the first things Sam and I talked about in the beginning, was how perfect the timing was for a show like this. We’ve never seen this many breaches before; we’ve never seen this amount of hacking in history. The timing’s perfect. I don’t know if Sam just a genius or if he got really lucky, but it seems like every episode—which was filmed weeks ahead of its release—was so timely every week when it came out. And I’m still a little scared about how he pulled that off [laughs].