Blackhat Almost Gets Hacking Right

Blackhat Almost Gets Hacking Right

Blackhat is based on a good idea. Michael Mann, the director, sets out to demonstrate how actions derived from ones and zeroes in the virtual world can produce devastating consequences in the physical world, and to show his audience how hacking really works. And he gets so close you can practically taste the Tor relays.

The film touches on a lot of the cybersecurity issues that concern real cybersecurity experts. Without spoiling the plot, Blackhat follows the FBI as its works with Chinese cyber defence officers to solve a major hack into financial markets and a seemingly related explosion at a nuclear power plant.

The malware used is based on the famous Stuxnet attack, and the major hack that the characters are trying to prevent is targeted at critical infrastructure. References to a hacker-driven 9/11 happen throughout the movie. The FBI recruits Thor (a.k.a. Chris Hemsworth) who’s a jailed blackhat hacker with a degree from MIT to help the authorities. Hell breaks loose.

So what does it look like when the good hackers have to stop the bad hackers? Well, in between the excessive gun fights and explosions, hacking looks pretty boring. That’s actually pretty true to real-life. And despite the dumb plot and mindless violence, Blackhat almost makes the hacking believable — almost.

The bar is set pretty low

In real life, hacking is a dreadfully boring activity that often takes place in dark rooms over the course of many days or weeks. In movies, hacking tends to look like some elaborate digital art that lasts a handful of seconds.

Blackhat Almost Gets Hacking Right

Blackhat Almost Gets Hacking Right

Take Hackers, for instance. The awesome bad movie about hacking from the 90s makes breaking into networks looks less like typing lines of code into a terminal and more like a deleted scene from A Beautiful Mind. That’s a good example to the left.

Because why? Hollywood demands more artistic value, of course! That and the undeniable fact that audiences are impatient, starving for amusement. And hacking is a a dreadfully boring activity that often takes place in dark rooms over the course of many days or weeks.

Well let me tell you what. You have not seen a hacker hack until you’ve seen Chris Hemsworth hack. The sexiest man alive looks a little goofy crouched over a laptop with his Thor-sized biceps tearing through his sleeves. I swear I thought he was going to break the keys when he typed. But I was less transfixed by the man’s muscles than I was by what was happening on the screen. It looks like hacking because it’s everything that bad Hollywood hacking isn’t: simple white code on a black background, command line arguments, references to hacker-friendly things like Tor, keyloggers, and phishing. It’s a little bit boring, too!

And the Blackhat consultants are top notch

It’s not unsurprising that Michael Mann and his crew got a lot of this right. One of the consultants on the film was none other than Kevin Poulsen, a senior editor at Wired who’s famous for being a former blackhat hacker who was sent to jail and banned from using a computer for three years after his release. There’s actually an argument to be made that Poulsen was somewhat of an inspiration for Hemsworth’s character. He and his golden locks even look a little bit like Thor in a mugshot from 1990 — except minus all the muscles.

Christopher McKinlay, the mathematician who hacked OKCupid last year to find true love, also served as a consultant on the film. In a featurette released by the studio, McKinlay explains the various details the filmmakers focused on when recreating the hacker experience on screen. “We worked on how hackers speak,” says McKinlay, “how they carry themselves, how do they type. What does it sound like how do they address a computer?”

Blackhat Almost Gets Hacking Right

Along those lines, Mann also of making sure that most of what happened on screen was real coding, not just a bunch of cheesy animations. In the same featurette, Hemsworth the Hacker says that the cast “did a few months of computer lessons” which helped him “wrap his head around” the hacking scenes. It sounds a little bit silly to say, but he doesn’t look that awkward hammering away at a little code — except for all the muscles.

But Blackhat shits the bed in the end

So there are a few positive things about how Blackhat portrays hackers and hacking. Those positive things really holds up for at least the first hour! And then, just when the plot needs a dramatic twist (or: just when the filmmakers needed to make an NSA reference) it falls apart. The hacker reality turns into fantasy in a single scene. Blackhat shits the bed.

Warning: Spoilers be near. Towards the film’s climax, Thor and his FBI friends need to access corrupted data. A hard drive had literally been nuked and they needed to read the files to find out where the villain hacker, the real blackhat, was holed up. Obviously, the NSA was the only agency with technology sophisticated enough to do this. Obviously, it was top secret and totally off limits to investigators working with the Chinese. Obviously, Thor decides to hack into the NSA to get the tool.

By the way, props to Michael Mann for not making the villain some Chinese army officer. (Told you there were spoilers.) Boo hoo for making these dumb animations of what the inside of a computer doesn’t look like:

Blackhat Almost Gets Hacking Right

Anyways, Thor decides it’s a good idea to pwn a senior-level NSA officer with a phishing scam — a phishing scam! He sends an email to said NSA officer instructing him to change his password. There’s a PDF called “Reset Guidelines” or something attached to the email. And against all odds, the NSA officer reads the email and immediately opens the PDF. Oops, it’s actually keylogger software, and Thor gets the senior-level NSA officers very simple password, along with access to one of the spy agency’s most secret and powerful tools.

Sound realistic? Nope; it’s dumb as hell. At the screening I attended, multiple people laughed out loud. One of them yelled at the screen. (Spoiler: It was me.) All that great work showing the audience what hacking is really like, just to set up an exceedingly stupid hack. Even my mum knows not to open weird email attachments.

Blackhat Almost Gets Hacking Right

And then to really show off how much they dropped the ball, the filmmakers decide that this top secret NSA tool looks like a cheap video game. The software would not be out of place in Hackers, the archetype of cheesy hacker movies.

Hollywood will be Hollywood

It’s hard to tell why Michael Mann’s hacking opus ends up falling apart. The movie has few merits. The gorgeous shots of Blade Runner-like cityscapes is one of them. (Mann is damn good at cityscapes.) The hacking could’ve been another.

Now that I’ve had a little bit of time to think about the movie, I realise that it couldn’t have happened any other way. The deliberately slow hacking scenes may have been true-to-life, but Hollywood demands action. From the moment that NSA scene happens until the film’s bloody end, it’s pretty much a lot of Thor running and dodging bullets and stuff. Suddenly, this hacker is an expert in hand-to-hand combat and an expert marksman. It’s almost as if Mann decided, “Enough with this boring hacking — it’s Miami Vice time.”

I’m not saying Blackhat is bad for how it fumbled its depiction of hacking. Again, that’s actually one of the films redeeming factor. That and the hilarious fact that Thor plays a convicted hacker with a degree from MIT. The movie suffers for reasons many big budget Hollywood action movies are bad: laughable dialogue, questionable portrayals of women, ridiculous plot twists, an unfortunate attempt at a love story. The hacking part is almost interesting, though.

Blackhat Almost Gets Hacking Right


The Cheapest NBN 50 Plans

It’s the most popular NBN speed in Australia for a reason. Here are the cheapest plans available.

At Gizmodo, we independently select and write about stuff we love and think you'll like too. We have affiliate and advertising partnerships, which means we may collect a share of sales or other compensation from the links on this page. BTW – prices are accurate and items in stock at the time of posting.