At first glance, the Watch Dogs video games seem like far-fetched fantasy, depicting a world of constant surveillance, ubiquitous hackability, and authorities eavesdropping on citizens to prevent crimes before they happen. But the more you peer beneath the bonnet, the more you realize how faithful the games are to reality and the hidden dangers that accompany technological advancement.
Watch Dogs and its more polished successor Watch Dogs 2 follow the same basic premise. You play a vigilante hacker in an open-world, semi-fictionalized city, (Chicago in the first, San Francisco in the second) taking on governments and corporations by hacking everything around you from traffic lights and automobiles to cell phones and data centers.
Although it sounds like an interconnected Orwellian nightmare, you’d be surprised how much effort went into making the hacking principles and scenarios as realistic as possible. The developers actually took advice from security experts at Kaspersky while designing game mechanics, UI screens, and hacking flows. The games also take satirical but well-placed jabs at the grey areas of private information collection and unchecked corporate oversight.
Let’s study how the Watch Dogs games hit the right notes on a few key issues in cybersecurity today.
The Internet of (Potentially Harmful) Things
The Internet of Things has regularly been touted as one of the driving forces for future technological development, and rightly so. But its speed of adoption has not been matched with a speed of willingness to make the system secure. At its best, the Internet of Things can enable a seamless network of smart devices running like clockwork in utopian cities. At its worst, everything can come crashing down with one well-placed hack.
Both Watch Dogs games shine a ruthless light on this. The games’ versions of Chicago and San Francisco are controlled by Central Operating Systems that control all public and surveillance services, something that the protagonists regularly exploit to great effect. They can scramble traffic lights to cause havoc during car chases, manipulate retractable road-blockers to crush police cars, and blindside security cameras to enter clandestine facilities.
These abilities are unnervingly close to reality. Wireless traffic signals in Michigan got hacked in 2014. A year later, Chrysler recalled 1.4 million vehicles after a successful remote hack where attackers took control of the cars through the internet. It’s relatively easy to make and sell devices that ‘talk’ to each other today, but it’s hard and expensive to make them secure across the board. Moreover, it just needs one device with weak security to compromise the entire network, triggering a deadly domino effect that can spell catastrophe both in video games and in real life.
The Perimeter Is Dead (Long Live The Perimeter?)
Your phone is the most powerful weapon you have in Watch Dogs. Every non-playable character in the game has a phone filled with a digital life that you can hack to your advantage. Lift someone’s bank account details and access their account at an ATM? Check. Spy on private messages? Check. Make a guard’s phone buzz to distract him while you discreetly make your escape? Check. Sic rival gangs on each other so that you don’t get your hands dirty? Check, check, check.
This mirrors the problems to perimeter security caused by developments like BYOD (Bring Your Own Device) policies and public cloud hosting. The easier it is to bring a hacking vector (your phone) into walled networks, the easier it is to take data out with brute force attacks. No matter how robust firewalls are, the sheer volume of external devices present in the proximity of walled networks all the time makes intrusion likely.
Debates rage in the security world about whether perimeter security holds the same clout and resource pull that it once did. “Organizations need to invest more in building perimeters around their data rather than just around their endpoint devices,” says Tyler Rorabaugh, cyber security expert at Demisto.
“Endpoint security has two main objectives: protect the user’s own device and data, and prevent the user’s device acting as an entry point for the attack to infect other systems and their data. These are good objectives, but note how data protection is central to both objectives. It makes sense to shift some resources to make personal and financial data the focus of protection rather than any one device.”
Video games are abstractions of reality and players usually find it easy to compartmentalize between what they’re playing and what they’re living. But Watch Dogs focuses on a future that’s almost here; a future that holds things which are simultaneously beneficial and uncomfortable, like a chocolate-flavored cold sore. As players find themselves in a game world that is always connected, always smart, and sometimes malicious, the lines between reality and simulation blur.
For more cutting edge and entertaining cybersecurity content, we invite you to subscribe to our blog.
This article was originally published on Security Current: https://securitycurrent.com/watch-dogs-video-games-tell-us-todays-cybersecurity/