Hollywood has long taken liberties with the truth – and the world of cybercrime, often misrepresented in hacker movies, is no exception. One IT expert, who has also published his own realistic brand of fiction about threat actors, would like to see that change.
We spoke to cybersecurity veteran and novelist Greg Scott for our dedicated YouTube channel. This is a transcript of the edited version of the conversation – to access the original footage, please click on the link at the bottom of this article.
You've got about 40 years of IT experience under your belt, including 15 years handling cybersecurity for dozens of companies. What's the one thing you find most rewarding about your career?
Oh boy, you give me the tough one right off the bat! When stuff works, I still get a charge out of that. When it's really frustrating and I'm up day and night and then finally everything works and I understand it – that's just golden.
I tell people new to the IT industry that the degree of satisfaction when accomplishing any task is directly proportional to the degree of frustration getting there. It's not just technology – for anyone that wants to get into this field, IT support is 50% technology and 50% psychology. You have to learn about your users and customers, too.
You've written a couple of novels now, about fictional cyberattacks – did you do that to educate people as well as entertain them?
Yes, I did. Back when I was consulting, I would go over to potential customers and tell them all the dangers and risks they were facing... and thirty, maybe sixty seconds, you could just see their eyes glaze over! I got tired of that.
As part of my MBA coursework they made us read this book called The Goal, by Eliyahu Goldratt. It's the only textbook I've read cover to cover and actually enjoyed reading - it was fiction. It was a story about a plant manager who had to go into this aging plant and the company was about to close everything down and he had to optimize all the processes. And there was a whole bunch of engineering he had to do. But the engineering was part of the story – and that held my attention.
And then I thought, what if I write a novel and go into how one of these cyberattacks unfold? So that's where Bullseye Breach came from – that's about an attacker in St Petersburg, Russia, and they reach out across the internet and steal 40 million credit cards from a fictional retailer headquartered in Minnesota called Bullseye Stores.
Do you have any other novels in the pipeline?
Virus Bomb was book No.2 and in that the stakes ratchet up significantly higher. Same main character, Jerry Barkley. He's a bald-headed IT contractor who lives in Egon, Minnesota – imagine that!? He stumbles across this cyberattack at a marketing company and that turns out to be part of something much bigger. He sniffs it out – nobody believes him, lots of people die, but millions more could have except Jerry goes to heroic lengths to save the day.
Book No.3 is a work in progress and I'm about halfway through the first draft. That one goes into a human trafficking ring. Jerry Barkley's not the main character in that story. He makes a couple of appearances, but my fraud analyst Jessie Johnson is the main character because she's in a better position to deal with this stuff. All three books are in the same fictional world, really close to the real world except for a few places that have different names.
So this is going to be an ongoing series, I'd imagine? You're going to be like the Ian Fleming of the cyberworld...!
[laughs] Wouldn't that be nice!?
What's the No.1 cliche you see in the Hollywood hacking world of fiction that really gets your goat?
Guess the password, save the world. That's how you'd summarize it.
Are we talking about the kind of scenes where they say stuff like, "WE'RE IN!!!" I presume it's much more difficult than that in reality...
Oh yeah, way more difficult. The other thing you hear all the time is "We're through the first firewall! Now the second firewall! Now the third firewall!" DO SOME HOMEWORK, HOLLYWOOD! It's not like it's boring: there's all kinds of drama and tension and all the stuff you'd expect to see in fiction. It's all right there in the technology, if you do it right.
Can you name any TV shows or movies about cybercrime that have hit it for you?
I haven't found one.
Well, it sounds like there's work to be done. I imagine you'll be submitting a screenplay to Hollywood sometime soon?
[laughs] If you know anybody from Hollywood, have their people get in touch with my people!
In a previous interview, you said that tech people are more appreciated in the world nowadays, but that technology itself is seen as less pioneering. Could you elaborate on that?
In the ‘80s and ‘90s if you did IT you were a respected professional, because you did stuff that most people didn't know how to do and didn't understand. It was all new, so nobody knew how anything worked. And somewhere around 1998... I can look back and just feel it. I went to bed an IT consultant, a hero – I woke up the next morning and I was a parasite. The mentality switched just like that. I would do these trade shows to try to find customers where you show off your stuff. And people would see me and turn to avoid my booth.
But why? That's bizarre, because at the same time you're needed more than ever...
It was bizarre, and I didn't get it. It wasn't like these people knew me and I'd made them mad somehow. They were people I'd never met before. So I finally got tired of it and I cornered the first guy that tried to bypass me. I said: "WAIT A MINUTE! [laughs] Why do you hate my guts?! What did I ever do to you?" [laughs]
What did he say?!
He said: "You do IT, right?" I said, "Yeah, course I do." He said: "You know what about computers? They are a necessary evil. I have to buy a new computer every few years because it's obsolete, and the software is buggy, the stuff never works right - but I have to use it to run my business these days, and I hate it. It's not anything personal against you – I just hate what you do for a living." That was a jarring experience.
Technology these days is a commodity, nobody remembers what it was like before we could do Zoom meetings with each other around the planet. Talk to people today, they'll act as if we had these kinds of meetings forever – they won't even remember what we did before COVID hit. That's just the way technology works, we have really short memories.
Quiz section: true or false?
We posed Greg some quick-fire questions to test his knowledge of the industry. See if you know the answer to any of them!
The first computer firewall was created by an American company…
It could have been Israeli... I'm going to go true, but it's a guess!
Apparently, it is true – it's either Cisco Systems or Digital Equipment Corporation. In the Italian Job remake with Mark Wahlberg, the character Lyle uses a Mac computer to hack into camera footage…
I have no clue...! It sounds Hollywood, I don't know!
False – apparently it was a Dell!
Only paranoid people use VPNs…
False. Depending on how you define paranoid, you know?
The legendary hacker-hunter Clifford Stoll spent 1969 sleeping under his desk while he hunted a KGB threat actor…
It was not 1969 – that one's false.
Well done! It was in the 1980s. I wasn't sure if you'd get that one, it was quite tricky! Only Windows users are at risk of having their data mined…
Yes, I think even I would have known that one. Not all bots are used by cybercriminals…
I'm going to go with true on that one.
Yes, it is true – they're used by pentesters. The scientist Nicola Tesla predicted the invention of the internet in the early 1900s…
Tesla was a visionary. There were early phone networks, nobody knew what computers were... I'm going to go out on a limb and vote true on that one.
According to the BBC it is true – he said that wireless technologies would allow us to share documents and music and eventually that would become a thing. I don't think he ever cracked it himself, but it was something he was interested in as a concept. OK, here's the last one. The first computer bug ever was a moth trapped in a computer at Harvard University in 1947…
It sounds true. That was where the term debugging came from. Whether it was Harvard or 1947... the time period feels about right. I'm going to go with true.
It's true! The first bug was literal!
More from Cybernews:
Subscribe to our newsletter