Edward Snowden: How to protect sensitive data

To celebrate World Cinema Day, we bring you another film with important notes on the world of IT and cybersecurity.
 

Snowden (2016), starring Joseph Gordon-Levitt, tells the true story of Edward Snowden, who worked for the US intelligence agency. It was as an employee of the National Security Agency (NSA) that he became a hero for some and a traitor to his country for others.

The protagonist wanted to be in the military, but an accident changed his mind. He wanted to fight in Iraq. He ended up fleeing the country, settling in Moscow, Russia, without being able to return to the United States. Edward Snowden will forever go down in history.

To summarise, Snowden denounced the activities of the NSA, which ‘spied’ on anyone and anything. According to the complaint, the NSA had installed various programmes that captured emails, phone calls, videos and photographs: any information that could be held on a mobile phone, a computer or a device with a camera.

Rubik’s Cube

This small object plays a very important role in the film, as it allows Snowden to remove huge amounts of data from the NSA by hiding a card with information inside a Rubik’s Cube.

Firstly, the protagonist arrives at his desk, determined to put an end to the espionage project, and finds the office abnormally busy. While his colleagues are distracted, Snowden takes the opportunity to insert a card into his laptop and copy confidential NSA data that reveals massive surveillance of international citizens and governments.

His co-worker, who after meeting him also expresses his discomfort with the nature of the programme, enters the room at the exact moment Edward drops the SD card. His colleague realises the situation, since this type of equipment is forbidden in this restricted area of the military base due to the risk of exposure, but protects him by hiding the card and giving it back to Snowden.

He carefully transfers the data to the card, which he then hides inside a Rubik’s Cube, a supposedly harmless toy that Snowden usually takes to the office, using this camouflage to get past security without being noticed.

This tactic allows him to leave the premises with the card and, consequently, with the compromised documents that were later shared with journalists.

But what lessons can we learn from this scene?
 
  • Constant vigilance: Despite the highly secure environment, employees’ devices are not properly monitored. More modern security systems, such as activity monitoring and real-time behaviour analysis, can help in this scenario by identifying the unusual transfer of data to a personal device.
  • Physical Security Limitations: The NSA’s physical security system seems robust, with scanners and guards, but it wasn’t enough to detect this removal of information. Solutions such as Data Loss Prevention (DLP) policies may be adequate to reduce the risk of such breaches.
  • Access Control: Snowden was able to access a massive amount of confidential data, which demonstrates the importance of restricting access to information and granting it only to those who really need it. Although he himself has access to this area, it is crucial to invest in Privileged Access Management, a solution that controls and monitors access to certain accounts.
  • Zero Trust Policy: The Zero Trust approach assumes that no one, inside or outside an organisation, can be trusted. Instead of just relying on normal credentials or normal permissions, this policy requires continuous and rigorous checks on behaviour and activity, which in itself could have flagged Snowden’s actions.
  • Raising Employee Awareness: One of the biggest causes of cyber attacks is human error. In view of this, educating all employees about best security practices is essential. Although Snowden’s case was intentional, raising awareness can prevent similar acts by reinforcing security ethics and the consequences of actions.
  • Blocking External Storage Devices: This scene emphasises the need for physical and digital locks on USB and SD devices. In some organisations, USB ports are disabled or monitored to prevent unauthorised data transfers.
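To make the monitoring and external-storage points above concrete, here is an added example (not part of the original article) of the kind of check an activity-monitoring tool might run over removable-media write events. The event format, device names and thresholds are all assumptions made for illustration.

```python
import json
from collections import defaultdict
from statistics import median

# Constructed sample events (not real logs): one JSON object per file write
# to removable media, as an endpoint agent might report it.
SAMPLE_EVENTS = """
{"day": "2024-05-01", "user": "alice", "device": "USB-ISSUED-01", "bytes": 1200000}
{"day": "2024-05-02", "user": "alice", "device": "USB-ISSUED-01", "bytes": 800000}
{"day": "2024-05-01", "user": "bob", "device": "USB-ISSUED-02", "bytes": 3000000}
{"day": "2024-05-02", "user": "bob", "device": "USB-ISSUED-02", "bytes": 2500000}
{"day": "2024-05-03", "user": "bob", "device": "SD-UNKNOWN-01", "bytes": 2100000000}
{"day": "2024-05-03", "user": "bob", "device": "SD-UNKNOWN-01", "bytes": 1900000000}
{"day": "2024-05-03", "user": "carol", "device": "USB-ISSUED-01", "bytes": 900000000}
"""

ISSUED_DEVICES = {"USB-ISSUED-01", "USB-ISSUED-02"}  # assumed allowlist of issued media
VOLUME_FACTOR = 10        # alert above 10x the user's usual daily volume
MIN_BASELINE = 5_000_000  # floor in bytes, so users with little history still get a threshold

def daily_totals(text):
    """Sum bytes written and collect devices seen per (user, day)."""
    totals, devices = defaultdict(int), defaultdict(set)
    for line in text.splitlines():
        if line.strip():
            e = json.loads(line)
            totals[(e["user"], e["day"])] += e["bytes"]
            devices[(e["user"], e["day"])].add(e["device"])
    return totals, devices

def detect(text):
    """Flag days with writes to unissued media or volume far above the user's baseline."""
    totals, devices = daily_totals(text)
    alerts = []
    for user, day in sorted(totals, key=lambda k: (k[1], k[0])):
        # Baseline is the median of the user's earlier days (ISO dates sort as strings).
        history = [b for (u, d), b in totals.items() if u == user and d < day]
        baseline = max(median(history) if history else 0, MIN_BASELINE)
        reasons = []
        unknown = sorted(devices[(user, day)] - ISSUED_DEVICES)
        if unknown:
            reasons.append("unissued device: " + ", ".join(unknown))
        if totals[(user, day)] > VOLUME_FACTOR * baseline:
            reasons.append(f"volume {totals[(user, day)]} bytes exceeds {VOLUME_FACTOR}x baseline")
        if reasons:
            alerts.append({"user": user, "day": day, "reasons": reasons})
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS):
        print(alert)
```

The third constructed user matters most for this scene: the device is an issued one and the access is legitimate, so only the volume check catches the transfer.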

This episode highlights a series of common flaws in security systems, demonstrating the importance of using a multidimensional approach to protect sensitive data.

Cybersecurity requires that access to data and systems be carefully monitored, and it is crucial to implement an organisational culture that promotes the security of every employee.

By learning from these examples and implementing robust cybersecurity practices, all companies can better protect their information and, likewise, reduce the risk of successful attacks.

Security starts with prevention. Protect your data by implementing solid cybersecurity practices, and count on ActiveSys to ensure that your defences are always ahead of the cybercriminals.
