The Mr. Robot Hack Report: A single unbroken hack
It also means there was really just one big hack — Angela’s full-frontal assault on Evil Corp’s hardware security module — clearing the way for the Stage Two attack. So in keeping with the cinematography, I’m going to spend the whole Hack Report just talking about that.
THE KEYMASTER
It can be a little hard to track, but Elliot basically lays out the plan when he manages to get online after being fired. Here’s the relevant voiceover:
Log data from the dark army’s backdoored machine. They’re using this guy’s account, Frank Bowman. He’s a member of the code-signing architecture team. This is what they’re doing: they want to sign their own firmware and bypass my patch. If they do that, they’ll blow up the downtown recovery building.
There’s a lot in there, but the big-picture view is pretty simple. The original plan for Stage Two was to hack these batteries into blowing up a building. Elliot stopped that by rewriting the core software on those batteries (aka firmware) to be resistant to the Dark Army hack. (In an earlier voiceover, Elliot realizes the Dark Army actually tried to perform the hack at 6:26AM that morning, but his software stopped them.) Now, the Dark Army is trying to reinstall the old software so the batteries will be vulnerable again.
The problem is, you can’t just install any old firmware on a device. If the batteries are going to accept the firmware, it needs to be signed by Evil Corp’s software-signing keys, verifying that the new code really is coming from corporate HQ. (That’s the code-signing architecture Elliot is talking about.) The Dark Army wants to steal those keys, but like most corporations, Evil Corp is keeping them in a Hardware Security Module, which is basically a special server for storing encryption keys. Having an HSM lets a company use its keys for signing without exposing the keys themselves to the network. The only way for Angela to get the keys is a manual backup to a physical USB drive, which is basically what we see her do in the server room.
This sounds elaborate, and it is, but it’s what any decently large company should be doing. Anyone deploying code (which is everyone) needs to have an airtight system for verifying it. Otherwise, the first hacker that gets on their network will be able to deploy malware-laced software to compromise everyone in the company. Verifying the software means signing it, typically using a public-private key pair similar to the SSL system that verifies websites. The private key signs the software, and anyone who installs it can check that signature against the matching public key to verify that it’s legit. And since those keys are the absolute last thing you ever want to leak, a hardware security module is the ideal place to keep them.
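The signing flow described above, as an added example that is not from the original article: a signer that holds the private key and only hands out signatures, and a device that accepts firmware only when the signature checks out against its pinned public key. The `HSM` and `Device` types are hypothetical, Ed25519 is an assumed algorithm (the article names none), and the firmware bytes are constructed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// HSM is a hypothetical stand-in for a hardware security module: the private
// key lives inside it and callers can only request signatures.
type HSM struct{ priv ed25519.PrivateKey }

// NewHSM creates the signing key and returns the public half for devices to pin.
func NewHSM() (*HSM, ed25519.PublicKey, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	return &HSM{priv: priv}, pub, nil
}

// Sign returns a signature over a firmware image without exposing the key.
func (h *HSM) Sign(image []byte) []byte { return ed25519.Sign(h.priv, image) }

// Device is a hypothetical battery controller with the vendor key pinned.
type Device struct{ VendorKey ed25519.PublicKey }

// AcceptFirmware reports whether the image carries a valid vendor signature.
func (d Device) AcceptFirmware(image, sig []byte) bool {
	return ed25519.Verify(d.VendorKey, image, sig)
}

func main() {
	hsm, pub, err := NewHSM()
	if err != nil {
		panic(err)
	}
	dev := Device{VendorKey: pub}
	image := []byte("constructed sample firmware image")
	sig := hsm.Sign(image)
	fmt.Println("vendor-signed:", dev.AcceptFirmware(image, sig))

	tampered := append([]byte{}, image...)
	tampered[0] ^= 0x01 // a single flipped bit invalidates the signature
	fmt.Println("tampered:", dev.AcceptFirmware(tampered, sig))

	other, _, _ := NewHSM() // a key the device has never pinned
	fmt.Println("foreign key:", dev.AcceptFirmware(image, other.Sign(image)))
}
```

The device trusts whatever the pinned key has signed, which is why the private key is the asset that has to stay inside the HSM.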
All of which is to say, while this was probably the most extreme hack we’ve seen all season, the E-Corp setup is the most normal part of it. For anyone who works in corporate IT, this stuff is familiar to the point of boring, which is why it’s so interesting to see it as the center of a heist plot.
via theverge