The real-life hacking behind Watch Dogs' virtual world
It starts out simply. One day, you're scrolling through the Naval Criminal Investigative Service database, identifying a perp's body when an alert flashes red on your monitor. "INTRUSION DETECTED," it screams. You're getting hacked and there's only one solution: Call your bumbling partner over and have him join you at the keyboard. The two of you frantically bang out rapid-fire key sequences as random program windows flash onscreen. The hacker's getting further and further into the system. Your partner's never seen code like this before and his usual tricks to combat it aren't working. That's when the display goes dead and your silver fox of a boss saves the day by pulling the power plug of your workstation.
That is how the entertainment industry wants you to think hacking works. But, like most Hollywood fantasies, it couldn't be further from the truth. Ubisoft (the studio responsible for Tom Clancy's Splinter Cell and Prince of Persia: The Sands of Time) knows this and for its upcoming cross-platform release, Watch Dogs, the company went to great lengths to ensure its game world didn't fall into those same tropes. Watch Dogs focuses on mega-hacker Aiden Pearce as he manipulates a Chicago run by the CenTral Operating System (CTOS) using only the smartphone in his hand. This CTOS controls everything from the simulated Windy City's traffic lights and ubiquitous surveillance cameras, to the drawbridges that cross the Chicago River. It's a fictitious, near-future vision of connected urban life, but still Ubisoft wanted it to hew as closely to hacking reality as possible.
The development team's reasoning for this was simple: "We're trying to be relevant," Watch Dogs Content Manager Thomas Geffroyd told me. "We felt that by understanding how negatively this culture has been portrayed, we could try to present the public with a more positive and accurate view of hacking and hackers."
A Hollywood depiction of hacking on the show NCIS
To do this, Ubisoft tapped the cybersecurity experts at Russia-based Kaspersky Labs. Together, the companies worked to vet every shell script and brute-force attack portrayed in the game to keep the intrusions plausible. Accuracy is the linchpin of Watch Dogs' world, so having one of the largest internet security firms read over the script, play early versions of the game and point out any inaccuracies was integral to the game's development process.
AN UNUSUAL REQUEST
In January 2013, Kaspersky released a report on a long-running cyberespionage campaign, dubbed "Red October," that infected computers in 43 countries and stole countless encrypted files from government agencies, military contractors and nuclear research facilities. In the days that followed, the lab received a number of requests from private-sector companies asking for extra investigation about the attacks -- likely to see if they'd been targeted, as well.
In that batch of emails, though, was a different question from an altogether different firm. Ubisoft wanted to send the script for Watch Dogs over so Kaspersky could make sure all the hacking details were accurate. The studio had already spent three years researching cybersecurity and hacking; information the team readily found online. Still, they wanted a second set of eyes -- Kaspersky's eyes -- to make sure small details weren't overlooked along the way.
"We felt that by understanding how negatively this culture has been portrayed, we could try to present the public with a more positive and accurate view of hacking and hackers," Geffroyd said.
Principal Security Researcher Vitaly Kamluk said it was a pretty unusual query, but he didn't see the harm in his team helping. "We're fans of video games," he said, "and we said why not?" For Kamluk and his coworkers, the opportunity to work on Watch Dogs was a welcome change of pace and so they agreed to the task.
All of Ubisoft's research had paid off: The suggestions from Kaspersky were relatively minor. "We didn't do anything stupid in the first place," Geffroyd said. Though he acknowledged that research may have attracted the attention of a few three-letter agencies. "It'd mean we did our job right!" he said. "I'm pretty much on any watch lists the NSA may have. I don't have a doubt about that." To Ubisoft's credit, Kaspersky found little issue with Watch Dogs' script and instead focused on polishing the game from a technical perspective. "We know how hacking happens," Kamluk said. "What skills are required ... the order of the actions." This, he told me, framed the team's approach.
For example, at one point in the game, Pearce has to steal a sizable database and copy a hard drive from a server that's tucked away in a protected datacenter. The script's first draft had him log in by brute-force attacking the system (i.e., trying all possible character combinations of a short password) and then transferring the data to a network drive. That scenario wasn't quite right according to Kamluk. "It may happen in the movies, but not in real life."
Instead, Kamluk said a hacker would have to reboot the server via a hard reset, boot a custom operating system from an external device and then start copying an image of the hard drive. This type of action would realistically trigger an alarm, prompting security to come and check for physical intrusions. Which, as it turned out, was the immediate next part of Watch Dogs' story anyhow. In this case, Ubisoft's decision to not follow the Hollywood model should actually help intensify gameplay.
Watch Dogs' lead writer explains the project's origins Another suggestion that added to the realism, while also likely upping the tension, was a change to an in-car sequence. Ubisoft had originally written for Pearce to throw a GPS tag on his target and then follow him, but Kaspersky changed the sequence to make it a little more authentic. "[Pearce] has access to the surveillance cameras, can see through them and hack the bad guy just by jumping from one camera to the next without moving a finger," Kamluk said. So, instead, he suggested Ubisoft have Pearce shadow his target while copying data over a Bluetooth connection. "That would make more sense to be in close proximity to the target; stealing data instead of just tracking where he goes," Kamluk said.
In Watch Dogs' version of Chicago, smartphones, closed-circuit TV surveillance cameras and even natural gas lines are all connected to the CTOS. With that many devices on one network, Ubisoft's initial idea to use IPv4, the current internet protocol system, for the game's IP addresses (e.g., the 192.1.0.11 used to log in to many routers) wasn't plausible. The problem? IP address exhaustion: The more users or devices on a network, the fewer unique, assignable addresses that are available. Kamluk advised the team to adopt IPv6 instead since it would offer more addresses and be more realistic for a near-future city. "We went through the whole game and fixed all the visuals to make sure we could get that right," Geffroyd said. "These are the little details [Kaspersky] helped us with."
Even though Ubisoft is striving for accuracy with Watch Dogs, Geffroyd maintained the developer's focus has always been on gameplay first. That goes for potential sequels, too.
Aiden Pearce identifies a hacking target with the in-game smartphone
"We're not a simulator. With Watch Dogs, we provide entertainment and we strive for authenticity," he said. "If we'd [implemented Kaspersky's input] sooner, it would have been harder to get all of their information and try to fit it in, because it probably would have had an effect on gameplay." And because of that, Geffroyd would have had to reject some of Kaspersky's suggestions. Having the lab run through the script afterward, he said, was probably the best way to go.
Where Watch Dogs strays from reality is in how long a hack actually takes. Depending on the complexity of a real-world security system, a hack can take days or, in extreme cases, months. That's where realism is a speed bump to fun and could make the game boring -- it's something Kaspersky acknowledged must be altered to fit the constraints of a video game. That isn't to say that Watch Dogs is inaccurate, though. "Everything happening in the game is feasible in one way or another," said Geffroyd. "The issue inherent with gaming is we have to extrapolate shortcuts. We have to respect the medium and make a compelling experience."
Geffroyd knows that hacking is often boring, but said its effects are "pretty straightforward" and he thinks that's what Watch Dogs does well. There are real shell scripts present in the game (UNIX command lines), but they're counterbalanced with interfaces and components that most people would understand. "They tried to be as accurate as possible," Kamluk said. "I was impressed that the developers actually asked us to share some typical screens of what hacking tools look like." To make the game's hacking more appealing, Ubisoft also emphasized physical results of hacking, like blowing up steam pipes and lifting drawbridges -- stuff that's immediately fun.
"Everything happening in the game is feasible in one way or another," said Geffroyd.
The day I spoke with Geffroyd, he said a hacker friend told him that work's being done to create a phone like Pearce's. And, more importantly, the project had just secured funding. How? By showing the investors some Watch Dogs trailers. "I would say that everything we've extrapolated is pretty ensured to happen," Geffroyd said.
These in-game hacks aren't video game fantasy, either. Kamluk said he's seen hacking tools like network and vulnerability scanners running on modern smartphones, and added that it's possible for a phone to act as a front-end device that's connected to a more capable, off-site file server. "The list of vulnerabilities that you see on the phone in Watch Dogs? Similar things are possible," he said.
According to Geffroyd, when Anonymous wants to attack a website with a distributed denial-of-service (DDoS), it uses a desktop app that you don't even need technical knowledge to operate. "It's a very simple app you can download after a Google search," he said. All you need to do is enter an IP address and the app will start to DDoS the target. "The reality of hacking applications is already there," he said. "We're just extending it a little." Essentially, anyone can be a hacker nowadays.
SMART CITIES FOR SMART MASSES
Instances of Watch Dogs' smart city tech are already in place around the globe, albeit on a much smaller scale. New York City's plans for Hudson Yards, a sensor-laden neighborhood that monitors seemingly every aspect of life, show progress on the domestic front. IBM has had Rio de Janeiro wired with a vast emergency monitoring system since 2010. And in Songdo, South Korea, Cisco has invested $35 billion to create an embedded telepresence infrastructure and energy-management system. There isn't a single operating system akin to Watch Dogs' CTOS running an entire city just yet, but, like mobile hacking tools, Geffroyd and Kamluk don't see it as being too far off. The threat of an Aiden Pearce may not be, either.
"The more we develop, the more devices we have, the more realistic this scenario [of hackers controlling a city] is," Kamluk said. "We're getting surrounded by an enormous number of digital devices connected over a network, which creates a lot of opportunities for hackers."
Sometimes the hacker becomes the hacked in Watch Dogs
When Kamluk says "devices," that term isn't limited to what's in your pocket. Case in point: Last year, a hacker took down a portion of Moscow's networked speed cameras by uploading malware to the police computer system, and destroyed some of the cameras in the process. The attack put the traffic system out of commission for several weeks. Kaspersky was hired to investigate, but is contractually prohibited from disclosing any further details.
"People tend to create systems extending capabilities and implementing new features that are so attractive to the customer, but they don't consider security," Kamluk said.
One of the easiest points of intrusion right now are the supervisory control and data acquisition (SCADA) systems that operate on unencrypted networks. In-game and in the real world, SCADAs control traffic lights, drawbridges and natural gas pipelines. "Thousands and thousands" of them have been installed in the past 15 years and are connected to the internet, according to Geffroyd. And because the laborers putting them in place aren't security technicians, an absurd amount of the SCADA traffic is open to the public and access is a search result away. "You'd be surprised what you can do without doing anything technically advanced," Geffroyd said. "You just have to put in the very easy-to-guess default password and login [credentials]." You don't need to be in the same city or even the same country to exploit these sensors, either.
Geffroyd told me that he hopes an actual smart city wouldn't have as many weaknesses as Watch Dogs' version of Chicago, but complex systems are more apt to have security gaps. Because the first smart cities will be the likes of New York or even London, they'll probably have a lot of legacy tech in place. Those older, unprotectable elements are what Geffroyd sees as weak links in a viable security system.
"People tend to create systems extending capabilities and implementing new features that are so attractive to the customer, but they don't consider security," Kamluk said. "Security must be considered extremely seriously; human lives will depend on how secure these systems are."