For years, pranksters have been hacking road signs to display warnings such as ‘zombie attack ahead,’ ‘hack naked’ and even ‘sorry Mario the princess is in another castle.’ The same could be said of other electronic signs, such as when “Team Trollio” hacked the Purdue digital sign on campus to flash the Internet trollface and messages like “Problem Purdue?” and “Get HAXXOR3D!”
It’s all fun and games until there’s some video game to blame. For example, in May, San Francisco road signs on Van Ness Ave were flashing “Godzilla Attack! Turn Back.” Reuters reported that highway signs across North Carolina were also hacked to display “Hack by Sun Hacker." Blame that on Watch Dogs, according to a Center for Internet Security (CIS) cyber alert posted on the Multi-state Information Sharing and Analysis Center. The alert stated:
This activity likely coincides with the May 27, 2014, release of the video game "Watch Dogs," in which game play revolves around "hacking," with a focus on hacking critical infrastructure-based electronic devices in particular. Watch Dogs allows players to hack electronic road signs, closed circuit television cameras (CCTVs), street lights, cell phones, and other systems. On May 27, 2014, the malicious actor posted an image of the game on his Twitter feed, demonstrating his interest in the game, and the compromise of road signs occurs during game play. CIS believes it is likely that a small percentage of Watch Dog players will experiment with compromising computers and electronic systems outside of game play, and this activity will likely affect SLTT government systems and Department of Transportation (DOT) systems in particular.
In Watch Dogs, the fastest-selling game in Ubisoft’s history, you can hack a lot more than road signs. A few examples include exploiting vulnerabilities to hack traffic lights while driving, disable helicopters, rupture pipes, blow up electrical junction boxes, control trains, bridges and road spikes, tap into both sides of phone conversations, steal money from bank accounts, or even cause a blackout.
Hacking is the “superpower” of Watch Dogs’ protagonist Aiden Pearce, whom Glenn Beck called an “anti-hero;” Pearce hacks via an almost-magical phone. When playing Watch Dogs on a PC, you can exploit most any vulnerability by pressing “Q.” In fact, with “Q” and the all-powerful smartphone, you can hack bank accounts, ATMs, TVs, security cameras, and even the power grid.
Fictionally via the game, you can exploit the Blume Corporation ctOS that supports Chicago’s infrastructure or access the Crime Prediction System. Via PC press “Z” for Profiler – a nifty trick that doesn’t even eat into your phone’s battery life – and it gives you a quick biography that includes a citizen’s name, work, income and some private tidbit. Does that mean Watch Dogs will also be “blamed” if there is any additional interest in the many ways the government surveils citizens and what all is known?
Shortly after the game was released, conservative TV and radio host Glenn Beck announced that Watch Dogs teaches you to hack. “They’re teaching you to hack and then become the ultimate voyeur in other people’s lives, including their bedrooms, by hacking into their phones and everything,” Beck proclaimed. Then he talked about docking your iPad or phone right next to the bed, before adding, “This game is teaching people to hack in to whatever is docked in your bedroom.…We are inviting it into our homes….We are teaching our kids for entertainment purposes.”
In real life it’s true that a person could hijack a web cam, road sign or hack sensors to jack the traffic lights; but is Mr. Beck under the impression that a magic hack-everything app actually exists?
Beck is no hacker, no gamer for that matter, and likely has no clue about the true state of vulnerable critical infrastructure. But when the Center for Internet Security starts issuing cyber alerts blaming Watch Dogs, then this could be a long, painful journey. What’s next? Blaming Watch Dogs as the inspiration for 14-year-old “hackers” using the default ATM password to access operator mode?
Security research engineer Jonathan Brossard, who acted as a consultant for Watch Dogs, had hoped the game would stir up interest as our world has a “massive shortage” of white hats. After all, it highlights some critical infrastructure systems that are vulnerable to attackers in real life. But those systems have been vulnerable for years. Surely each hack that happens in real life, that is also possible in Watch Dogs, will not be “blamed” on a video game?
Brian Krebs wrote:
We see a great deal of hand-waving and public discussion about the possibility that foreign cyber attackers may one day use vulnerabilities in our critical infrastructure to cause widespread problems in the United States. But my bet is that if this ever happens in a way that causes death and/or significant destruction, it will not be the result of a carefully-planned and executed cyber warfare manifesto, but rather the work of some moderately skilled and bored cracker who discovered that he could do it.
Lastly, because it was annoying and Watch Dogs is only a game…
Beck claimed playing a video game “rewires” your brain, but it’s hardly like “crack cocaine.” His fear-mongering also included how suicides or mass shootings are a result of “violent video games” and that entire mindset is ridiculous. As I’ve said before, stop blaming large-scale killing sprees on violent video games. There are millions upon millions upon millions of gamers in the world, so if violent video games were truly to blame, then there would be hundreds if not thousands of mass shootings across the globe every year. But there’s not because untreated mental illness – not video games, violent or otherwise – are the real problem.
By the same token, there's millions upon millions of vulnerable points waiting to be exploited. If infrastructure gets hacked, it’s because it’s been left vulnerable…not due to a video game.