Blackhat, the new film from director Michael Mann and starring Chris Hemsworth premieres Friday, January 16, 2015. The Science & Entertainment Exchange had a chance to chat with Chris McKinlay, computer scientist/hacking expert, who consulted on the film. McKinlay has worked with Anonymous, been a professional blackjack player, and—this one is fantastic—reverse-engineered OKCupid to become the most popular male profile in Los Angeles. He even has a degree in Chinese! Check out what McKinlay had to say about working on Blackhat, Lizard Squad, and the infamous Sony hack. Check out his website ChrisMcKinlay.net!
The Exchange: Tell us a bit about what you did for the film.
Chris McKinlay: Let’s see. I did a lot. I tutored Michael Mann for a while. That was the first thing I did. I did some consulting on the screenplay. Mostly so the scenes made sense and the dialogue makes sense. Chris Hemsworth came on and I worked with him for about four or five weeks. Leehom (Wang) came on and I worked with him, Viola Davis—I wrote all the code that appears on screen in the movie. I did a lot of consulting on the special effects for John Nelson (Visual Effects Supervisor)—props, what a safe house computer looks like, what observer rooms look like, and then I did a lot of work on Michael Mann’s data security while he was overseas.
The Exchange: His personal data security?
The Exchange: The code on screen—if someone is familiar with coding, would they recognize the code in what they’re seeing up there?
McKinlay: Oh, yeah. Absolutely. It’s all internally consistent. And the malware that the character is using, that’s the only stuff I didn’t write from scratch. That was sourced from original virus source code.
The Exchange: How much time did you spend with the actors, explaining all of this and tutoring them? I can’t imagine that they knew a lot about the details.
McKinlay: Leehom knew a little bit because his brother is an MIT student. He does a lot of computer stuff. But for the most part, most of them didn’t. I spent a lot of time with them. A couple hours a day for months. Especially Chris. It was a lot of, what is the subculture like, you know? What these people look and sound like, how to type! He couldn’t touch type. And then how to type code. It’s not the same as typing English. [laughs] Sort of the full spectrum.
The Exchange: How complete was the script when you came on board?
McKinaly: It was complete. It was just out of its first draft. But, it was really—I guess from a hacker’s perspective, it was bulls***, a lot of it. [laughs] So, we spent a lot time saying, “This scene needs to not be like this” and discussing alternatives. Michael Mann is just as interested in keeping the plot pretty tight and dramatic. I switched scenes from software only scenes to software/hardware scenes. To mix things up.
The Exchange: Is the film close to the real life?
McKinlay: Yes and no. The bad guy in the movie seems to be an individual acting alone. I mean, he’s got henchman who shoot guns and s***, but no one’s coding. To pull off stuff like he’s pulling off would really take like a nation state. It’s pretty intense. Like shutting down a future market in Chicago, that’s like Lizard Squad. [laughs]
The Exchange: Let me ask you about Lizard Squad. For many gamers, it was pretty upsetting when they took down all the game networks over Christmas! Some of them started to show themselves and get arrested. Is there something about the fame of all this?
McKinlay: [laughs] Well, yeah. I mean, you should check out their Twitter feed. It’s hilarious. They’re together. They have a theme song that someone mixed for them on SoundCloud. They’re trolling Brian Krebs (an investigative reporter who covers cybercrime) left and right. It’s actually really good entertainment, following them. That’s something that I think Anonymous and ISIS and Al Qaeda and Al Jazeera kind of pioneered. That’s f****** awesome PR! So I think to the extent that they do that—I think the two main guys think that they’re really not going to get prosecuted, so they don’t really care. The other two guys who got busted, yeah, they’re a little stupid.
The Exchange: After the whole Sony hack and store hacks, I’m curious, how difficult is it to tell who is really doing these things? I’d read so much about whether or not code is identifiable. Is it?
McKinlay: Yeah. Attribution is really complicated. This is actually one thing about the movie that is pretty realistic. In the movie, Chris Hemsworth and Leehom write some code as a gag, and then it gets repurposed later on for something else. That kind of s*** happens all the time. More and more so for profit. So people rent out services for code. In the Sony case, yeah, there is some stuff that was used, notably a virus called Wiper, which destroys hard drives and data. That was used by North Korea, allegedly, in the Dark Seoul stuff. Even if that Dark Seoul attribution was heavily contested, it’s imminently easy to fix these things up and use them and lead people off of the trail, and it certainly would be in a lot of people’s interest to throw this all in North Korea’s lap. In general it’s pretty complicated. That said, I don’t think the U.S. would have Obama come out and name North Korea if they didn’t at least feel that the position was defensible. So I imagine North Korea—I think there is a pretty good chance North Korea was involved. I doubt they were the people who got inside originally. But it’s probably fair to say that they were somehow involved.
The Exchange: What piece of advice would you give to people who want to keep their information from being hacked?
McKinlay: Hire me! [laughs]