{"id":16854,"date":"2019-10-28T14:59:14","date_gmt":"2019-10-28T14:59:14","guid":{"rendered":"https:\/\/www.kaspersky.co.uk\/blog\/terminator-1-2-cybersecurity\/16854\/"},"modified":"2019-11-22T09:57:21","modified_gmt":"2019-11-22T09:57:21","slug":"terminator-1-2-cybersecurity","status":"publish","type":"post","link":"https:\/\/www.kaspersky.co.uk\/blog\/terminator-1-2-cybersecurity\/16854\/","title":{"rendered":"The cybersecurity of the Terminator"},"content":{"rendered":"<p>The latest <em>Terminator<\/em> movie is set to hit the big screen. According to its creators, its plot is a continuation of the seminal <em>Terminator 2: Judgment Day<\/em>, with all installments in-between relegated to an alternative branch of reality. In general, the idea of an AI rebellion is clearly an information security problem, so we decided to examine the movie\u2019s cyberlandscape. Our focus will be on the first two films in the franchise.<\/p>\n<h2>The Terminator<\/h2>\n<p>Let\u2019s get this out of the way: We have no issues with the Terminator itself. The metalhead strictly follows its programming and displays savvy and flair in tracking down Sarah Connor. Keep in mind that the first movie was released way back in 1984. In those days, computers were not as widespread as they are now, so from our perspective, the most interesting part is the final fight scene with the cyborg.<\/p>\n<p>With hindsight, we find it remarkable that no one considered information systems security when designing the unnamed industrial enterprise. The facility where the expensive machines work has no protection whatsoever. The door to the premises from the street is made of glass. There is no security. The door to the production unit where the industrial robots are located has no lock\u00a0\u2014 only a bolt on the inside. And the computers and control panels are right beside the entrance.<\/p>\n<p>Also, in a bit of (intentional or not) product placement, by the entrance we get a clear shot of a control unit for the FANUC robot S-Model 0, Series F30, EDITION 005, manufactured by GMF Robotics. On eBay you can find documentation for this device (marked \u201cFor GMF internal use\u201d), which can be used to learn how to sabotage the production process. Obviously, back in 1984 it would have been harder to get hold of such documentation. Then again, <a href=\"https:\/\/en.wikipedia.org\/wiki\/Kevin_Mitnick\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">Kevin Mitnick<\/a> managed to obtain far more secret information.<\/p>\n<p>Slightly modifying the computer settings can achieve a lot\u00a0\u2014 from sabotaging the workflow and bringing down the production unit, to adjusting the technological process to wreck the end product or cause it to fail during operation.<\/p>\n<h2>Terminator 2<\/h2>\n<p>In the second movie, we see far more computers and information systems\u00a0\u2014 it\u2019s 1991, after all. But that also means more security issues. Let\u2019s start with the fact that somewhere off-screen, in the future, the rebels have reprogrammed the cyborg. It\u2019s not clear why Skynet didn\u2019t anticipate and block such a violation. But let\u2019s proceed step by step.<\/p>\n<h3>Police car computer<\/h3>\n<p>An early scene shows how the liquid-metal terminator takes the form of a police officer and hijacks his car, in which there is a computer connected to the police network. Here\u2019s the first bone to pick with the police information security team. Why does the computer not ask for authorization? Is a police car considered such a trusted zone that no one thought about it? It\u2019s a head-scratcher, especially given that the police officers are constantly leaving their cars to run after criminals or question witnesses, and the network contains highly confidential information. Or did the officer simply forget to lock the computer when leaving the vehicle? In that case, we\u2019d say that this law enforcement agency desperately needed <a href=\"https:\/\/www.kaspersky.com\/advert\/small-to-medium-business-security\/security-awareness-platform?redef=1&amp;THRU&amp;reseller=gl_kasap_acq_ona_smm__onl_b2b_blo_lnk_______\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">cyberthreat awareness training<\/a> for its personnel.<\/p>\n<h3>ATM robbery<\/h3>\n<p>Meanwhile, John Connor and his pal rob an ATM by connecting it to an Atari Portfolio PDA through the card slot. That diversion shows us that even without the Skynet rebellion, technology in the<em> Terminator<\/em> world is moving along an alternative path; in reality, it\u2019s not possible to extract card data plus PINs from an ATM or from the card itself \u2014 or from anywhere else: ATMs do not contain card numbers, and there is no PIN on the card. Not to mention that the Atari Portfolio, with its 4.9152-MHz 80C88 CPU, is hardly the best tool for brute-forcing PINs.<\/p>\n<h3>Terminator-style social engineering<\/h3>\n<p>Strangely enough, the telephone conversation between the two terminators seems plausible\u00a0\u2014 one imitates John Connor, the other his adoptive mother. It\u2019s plausible in the sense that it\u2019s one of the prophecies of then-futurists that has now come to pass: In one recent case, attackers apparently used a machine-learning system to <a href=\"https:\/\/www.kaspersky.com\/blog\/machine-learning-fake-voice\/28870\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">mimic a CEO\u2019s voice<\/a>.<\/p>\n<p>Curiously, both terminators suspect that they may be talking to an impostor, but only one guesses how to verify it\u00a0\u2014 the T800 asks why the dog is barking, deliberately using the wrong name, and the T1000 answers without spotting the trick. In general, this is a good method to apply if ever doubt the authenticity of the person at the other end of the line.<\/p>\n<h3>Miles Dyson<\/h3>\n<p>The man responsible for creating the \u201crevolutionary processor\u201d from the remains of another CPU of unknown source, is rather interesting. For starters, he works with classified information at home (and <a href=\"https:\/\/www.kaspersky.com\/blog\/kaspersky-in-the-shitstorm\/19794\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">we all know what that can lead to<\/a>). But that\u2019s not our main gripe.\u00a0He turns off his computer by pressing Enter. It\u2019s hardly surprising the system based on his processor ended up rebelling.<\/p>\n<h3>Cyberdyne Systems<\/h3>\n<p>It\u2019s strange, but Cyberdyne Systems is depicted as a company that\u2019s serious about information security. The head developer arrives at the office accompanied by some suspicious types? Security doesn\u2019t let him in and demands written authorization. The guard finds his colleague tied-up? The alarm is raised, and the first action is to block access to the secret vault.<\/p>\n<p>Opening the door to the vault requires two keys, one of which the engineer has. The other is kept at the security desk. The only failure here is that John opens the safe with the key using his trusty Atari Portfolio. The safe is surely one thing that could have been protected from brute-forcing.<\/p>\n<h3>Destroying information<\/h3>\n<p>Honestly, if Sarah Connor and co. actually managed to destroy information, I\u2019ll eat my hat. For one thing, the T-800 smashes up the computers with an ax, which, even with the subsequent explosion, is not the most reliable way to destroy a hard drive.<\/p>\n<p>But that\u2019s not the main point. In 1991 local networks were already in widespread use, so Cyberdyne Systems could have had backup copies of work data, and probably not in the same room where the development team worked. Sure, the attackers\u2019 actions were based on Dyson\u2019s knowledge. But where\u2019s the guarantee that he knew everything? After all, he wasn\u2019t told about the origin of the damaged processor that he reverse-engineered, so clearly he was not trusted 100%.<\/p>\n<h3>Cyborg design features<\/h3>\n<p>The T-800\u2019s head contains a chip that calls itself (speaking through the cyborg it controls) a \u201cneural-net processor.\u201d The strangest thing here is a processor having a hardware switch to turn off learning mode. The very presence of such a switch could mean that Skynet fears the cyborgs becoming too autonomous. In other words, Skynet fears an AI rebellion against the rebellious AI. Sounds crazy.<\/p>\n<p>The T-1000 reacts oddly to extreme temperature drops when frozen in liquid nitrogen. Its physical body seems to return to normal after defrosting, but its brain slows substantially. It gazes passively as the wounded T800 crawls after its gun, although it would be more logical to finish off the damaged model pronto and continue the hunt for the main target,\u00a0John Connor. Also, for some reason, it forces Sarah Connor to call John for help, even though it can imitate her voice perfectly (which it does a few minutes later). In short, it becomes slow thinking and therefore vulnerable. Maybe some of the computers inside his head could not start as a result of the overcooling.<\/p>\n<p>To design a reliable computer system that won\u2019t rebel against its creators, it makes sense to use a secure operating system with the Default Deny concept implemented at the system level. We developed such a system, although a bit later than 1991. More information about our OS and immunity-based approach to information system security is available on the <a href=\"https:\/\/os.kaspersky.com\/?redef=1&amp;THRU&amp;reseller=gl_kdailypost_acq_ona_smm__onl_b2b_kasperskydaily_lnk_______\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">KasperskyOS Web page.<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Before the world release of Terminator: Dark Fate, we decided to check in on the state of cybersecurity in the Terminator universe.<\/p>\n","protected":false},"author":700,"featured_media":16855,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1836,2361],"tags":[2603,1165,2471],"class_list":{"0":"post-16854","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-smb","9":"tag-movie","10":"tag-terminator","11":"tag-truth"},"hreflang":[{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/terminator-1-2-cybersecurity\/16854\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/terminator-1-2-cybersecurity\/16830\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/terminator-1-2-cybersecurity\/14213\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/terminator-1-2-cybersecurity\/18810\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/terminator-1-2-cybersecurity\/15626\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/terminator-1-2-cybersecurity\/19542\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/terminator-1-2-cybersecurity\/18177\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/terminator-1-2-cybersecurity\/23902\/"},{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/terminator-1-2-cybersecurity\/6586\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/terminator-1-2-cybersecurity\/29080\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/terminator-1-2-cybersecurity\/12478\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/terminator-1-2-cybersecurity\/12512\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/terminator-1-2-cybersecurity\/11378\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/terminator-1-2-cybersecurity\/20434\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/terminator-1-2-cybersecurity\/24447\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/terminator-1-2-cybersecurity\/24353\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/terminator-1-2-cybersecurity\/19275\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/terminator-1-2-cybersecurity\/23590\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/terminator-1-2-cybersecurity\/23437\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.co.uk\/blog\/tag\/truth\/","name":"truth"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/posts\/16854","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/users\/700"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/comments?post=16854"}],"version-history":[{"count":2,"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/posts\/16854\/revisions"}],"predecessor-version":[{"id":16997,"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/posts\/16854\/revisions\/16997"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/media\/16855"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/media?parent=16854"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/categories?post=16854"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/tags?post=16854"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}