My All-Time Favorite Hacking Movies – The Wall Street Journal

By

As one of the first movies to center on a cybersecurity crisis, “WarGames” helped create the template for how hacking is portrayed on film. I saw the movie when it first came out, at the impressionable age of 12, and it perfectly blended all my key anxieties: bad boys, bad grades and the prospect of nuclear war.

Thirty-six years later, however, it’s the hacking scene that sticks with me. It begins when Matthew Broderick’s character gets sent to the vice principal’s office, where he sneaks a peek at the note that teachers use to track the current password to the school’s computer system. He heads home, dials in with an actual modem, logs in with the purloined password, and changes his biology grade. Since he’s trying to impress the girl he’s brought home (played by Ally Sheedy), he also changes her grade—but she’s an honest sort, and insists on him changing it back. Thank you, Ally Sheedy, for showing us that girls could say no, long before #MeToo entered the lexicon.

“Sneakers” (1992)

“Sneakers” introduced moviegoers to the idea of hackers for hire: security consultants whose job is to test a company’s defenses. The scene where two team members sneak into a research center is a classic example of social engineering—the idea that you can break into a system by manipulating people rather than code. This is why the weakest link into our computers often isn’t the software. It’s us.

In the movie, a consultant sneaks into a secure building by showing up with pizza and balloons, while his partner arrives with a fake delivery at the same time. The overwhelmed receptionist buzzes in the consultant, who never even has to actually show an ID.

It seemed like Hollywood magic to me until I found myself at my first hacking conference just a few years later. With a thousand people listening in via speakerphone, one of the panelists used a similar social engineering technique to talk a Starbucks employee into handing over his store’s private network password. I still thank “Sneakers” for giving me the context to understand just how powerful that kind of technique can be.

“Demolition Man” (1993)

Let me begin by saying that “Demolition Man” is the greatest movie ever made, and one that has forever changed how I see Taco Bell. (No, I’m not going to spoil it for you by explaining.) While the movie has only a few hands-on-keyboard moments, hacking is pivotal to the action: From a prison break enabled by a stolen password, to a murder committed by hacking a graffiti-cleaning machine, cybersecurity incursions pop up throughout the film.

But the most interesting hacker moment, to my mind, comes in a speech from the leader of an underground resistance movement that has emerged to challenge a futuristic authoritarian state. This resistance looks a lot like a hacker subculture. Members live underground to avoid video surveillance, tinker with old machinery, and build remote-controlled graffiti machines in order to spread their message. When the resistance leader gets his moment in the spotlight, he uses it to deliver a concise (if hyperbolic) hacker manifesto: “I’m the enemy because I like to think, I like to read, I’m into freedom of speech and freedom of choice.”

“The Italian Job” (2003)

Long before we had smart lights, smart ovens and smartwatches, “The Italian Job” introduced audiences to the vulnerability of embedded computer systems—what we now call the Internet of Things. The heist at the heart of this movie hinges on a hack to take control of the traffic lights of Los Angeles, which the thieving protagonists use to create accidents and traffic jams that force a targeted vehicle to take an alternate route.

At a time when movies typically confined hacking scenes to brief moments of “let’s hit a bunch of keys and call it hacking,” “The Italian Job” stood out for placing its hack at the center of the action. The whole time the heist is unfolding, we’re cutting back and forth to the command center where the team’s hacker is manipulating the traffic lights, and we even get some glorious reaction scenes when the city’s engineers realize they are in deep trouble. The movie made hacking look fun and playful and exciting, as well as incredibly effective, and did us all a public service by raising awareness of the potential vulnerabilities of online infrastructure.

“The Imitation Game” (2014)

Alan Turing has near-mythical status in the tech world, thanks to both his code-breaking work and his theoretical framing of a test for computer intelligence—now known as a Turing test. “The Imitation Game” does a marvelous job of dramatizing the first half of that equation, so that it feels truly astonishing when Turing succeeds in building a mechanical device that cracks the Nazis’ Enigma code. Making that feel miraculous is no mean feat at a time when most moviegoers can fit a more powerful computer into their hands or pockets.

But what makes that moment profound is how Turing and his colleagues are forced to immediately wrestle with its consequences. Once the code is cracked, Turing’s team discovers an imminent threat to a civilian convoy. While their initial instinct is to call in an attack that will save civilian lives, Turing points out that an attack would alert the Nazis to the fact that their code has been broken. To protect their access to Enigma transmissions, the team must stand by while the civilians are slaughtered. It’s a heartbreaking scene, and one that conveys the importance of building ethical decision-making into technological innovation.

“Ocean’s 8” (2018)

As the hacker on an all-female team of would-be jewel thieves, Nine Ball (played by Rihanna) is charged with getting a map of the security system at the Metropolitan Museum of Art. To get access, she identifies a likely target on the museum’s staff, looks him up on Facebook, and discovers he is a devoted fan of Wheaten Terriers.

Nine Ball promptly whips up a credible facsimile of a Wheaten Terrier fan club newsletter and emails it to her target, in what’s known as a phishing attack. He’s so convinced by the email that he clicks on an embedded link that installs hidden software onto his computer, which Nine Ball then uses to get the information she needs.

What cybersecurity lesson can’t be taught in this hack? For example: Don’t open email attachments from unfamiliar sources; don’t click on unrecognized links; don’t leave your webcam uncovered; don’t leave sensitive information visible on the walls or surfaces of your office. But let’s just stick to the most important lesson: The information you share on social media can be used to profile and target you, whether that’s by engineering clickbait aimed at your particular interests, guessing your password based on your birthday or pet name, or figuring out your schedule and travels so that an intruder can access your home or office.

“Captain Marvel” (2019)

For any computer nerd born before 1980, ”Captain Marvel” is a movie full of giggle-inducing, nostalgia-creating scenes that perfectly capture both the delights and limitations of mid-1990s technology. From the agonizingly long wait for a CD-ROM to load, to the brief glimpse of an Alta Vista web search (yes, there was web search before Google), the movie took me right back to the days when every single online experience seemed like a mind-boggling miracle.

But there’s one aspect of mid-90s tech life that doesn’t leave me nostalgic. Being a female tech nerd in 1995 was a bit like being a talking dog: My tech skills so disconcerted certain geek guys that it was sometimes easier to let tech salesmen talk down to me than to convince them I actually knew what a router was.

That’s why I loved the scene in which Carol Danvers (aka Captain Marvel) and Nick Fury are locked in a secure room at a military installation. While Danvers watches without comment, Fury uses a piece of tape to lift a fingerprint, which he uses to release a biometric lock. When the pair encounter their next locked door, Fury realizes he should have kept his fingerprint tape intact. But Danvers—who’s already demonstrated her tech skills with such neat tricks as hacking a pay phone with a Game Boy—solves the problem by simply blasting the door open. “I didn’t want to steal your thunder,” she tells a now awed Fury.

Ah, the joys of an arm that doubles as a laser blaster. If only the tech sales bros of the 1990s had been equivalently impressed by my ability to install my own Ethernet network.

Dr. Samuel is a technology researcher and the author of “Work Smarter With Social Media.” Email her at reports@wsj.com.