14 August 2020
Watch Dogs, a video game created by Ubisoft, features a hacker in both its first and second opus. In the first opus, each player is invited to hack everything he can to achieve his goals.
The idea of this article is not to criticize the publisher on the realism of the attacks perpetrated: this is a game. The aim is therefore above all to entertain the target audience. Also, no player, and this is quite fair, is required to know hacking techniques in order to win. To perpetrate a cyberattack, the player just needs to press a command.
What remains interesting, however, is that some of the hacks staged in the game actually exist when others are totally fictional. So, we have listed four that caught our attention.
It is possible and actually quite “simple”. Cameras are connected objects, which for the moment, remain extremely insecure by default. The interesting detail highlighted in Watch Dogs remains the fact that the main character can hack a second camera after hacking the first one.
In reality, cameras are often connected to a server and controlled by an application. Finding the password makes it possible to take control of this software and have access to several cameras at the same time (no matter where they are located).
Today, where we connect more and more objects with each other, the dangers presented in the game are real. Thus, as we have just seen, for cybercriminals, it is indeed customary to enter through a “small door” (a thermometer, a watch, a connected camera…) to gain access to the main network of a company or an individual for example.
To avoid this type of attack:
In other words, the cybercriminal’s devices are also victims of his own attack. This is where the hack shown is not so realistic. In this context, we do not really have any advice on how to avoid this kind of attack, but let’s take this opportunity to give simple rules on mobile phone cybersecurity:
This is a realistic attack, although the technique used to do so – the main character uses his mobile phone to hack all the cars in the game – is not really the one used by hackers.
As an illustration, in 2015, Charlie Miller and Chris Valasek, two cyber security experts, showed that they were capable of taking control of a Jeep remotely. Andy Greenberg, a journalist for the American magazine Wired, then agreed to be part of the experiment, as a driver, while the two hackers gradually took control of the vehicle. They started with the radio to then focused on the brakes, as shown in this article and video.
Here, it is difficult to give advice on how to protect oneself from this kind of attacks because they are made possible by exploiting security loopholes. As the connected car remains a connected device like any other, the good practices given in #1 still apply, especially if a driver connects his smartphone to his car, for example.
It is quite possible and, surprisingly, simply by using a mobile phone.
We’re kidding! It’s unsurprisingly by far the most unrealistic hack in video games. Interestingly though, while most hacks are done very simply, using a command, this one requires a lot more work. The player is invited to infiltrate the launch site, replace an electronic card by another one, the latter previously compromised… The techniques proposed, although unrealistic in a space launch context, remain those used by cybercriminals.
Hacks, even the simplest ones, take time, and require unparalleled technical and organizational skills. So, our last piece of advice could be this: never underestimate a cybercriminal. If he has targeted an individual or a company, he will know how to achieve his goal.