In this blog post Pavlo Onyshchenko marks the recent start of season 2 of the hit TV show Mr. Robot.
The show is a gripping drama following a young programmer named Elliot who works as a cyber-security engineer by day and a vigilante hacker by night. Aside from the many awards the show has won lately including Best Television Series at the Golden Globes, what has really impressed me is the level of realism of the hacking techniques used in the show. This is a fresh change from the usual inaccuracies you see in hacking and computer scenes in Hollywood, often painful to watch for a technical professional.
The show’s creator, Sam Esmail relies on security experts like Michael Bazzell who has spent 10 years working in the FBI’s cybercrime task force to ensure each technique used is plausible. So much so that the storyline gets altered if it’s not approved by a technical advisor, and hours are spent setting up windows of code that might only get a couple seconds of screen time.
The problem with the portrayal of hacking in Hollywood is how it’s often overcomplicated with super human typing skills and visuals sometimes resembling an acid trip. In the real world and as portrayed on Mr. Robot, hacking can be much simpler. Sometimes it’s as simple as tricking someone to hand over confidential information which can then be used to breach a system or simply exploiting common, weak passwords due to plain user incompetence.
With a high profile hack in the news almost every week in recent years, the show serves as a good wake up call for us to finally click that update now button on software we use or for us L&D professionals getting around to tightening our LMS security. As many of us use Moodle or a Moodle based LMS, I’ve gathered some simple tips on how you can make your Moodle site more secure right now!
Don’t delay, upgrade now!
As new vulnerabilities are discovered it becomes trivial for an attacker to use one of the known variabilities against the version of Moodle you’re running. This is why it’s essential to keep your Moodle site up to date with the latest security patches. Make sure your admins receive email notifications of new updates by configuring this in Site administration > Server > Update Notifications.