COMPUTER AND NETWORK SECURITY
"FLASHLIGHT"
The "Flashlight" is a device developed by the 'roaches' with the hope of combating the military. It is reverse engineered from drones, which can transmit malware to shut down a soldier's MASS system from within. The drone used by the military is connected to the MASS system because the view from the camera can be directly displayed at a soldier's eye. Thus, it is possible to reverse engineer it and get access to MASS. In the movie, the diagnostic procedure was unable to detect the malfunction of Stripe's MASS. What follows is the human consequence of such an implant malfunctioning. For Stripe, he was in physical pain and suffered emotional distress because of the implant’s malfunctioning. If a similar device was created and used in the real world, malware could do serious damage to the person. Current malware already does harm without the added vulnerability of technology being attached to a human being. For instance, the ransomware Ryuk has been “targeting businesses, hospitals, government institutions, and other organizations since 2018” [1]. To keep their control over the infected systems, the ransomware generates a private key for each victim, meaning that “even if the private RSA key associated with one victim is published, it can't be used to decrypt files belonging to other victims” [1]. Therefore, if a device were invented that could transmit malware such as Ryuk, the ransomware could have any amount of control over the soldiers. The ransomware could lock them out of their own minds and then sell their individual keys to the government. This demonstrates how introducing technological elements to the human body, such as the MASS implants, also introduces new vulnerabilities and new ways that bad actors could exploit the technology to their advantage.
The device's ability to exploit the MASS implants also highlights the need for greater and more comprehensive testing as technology advances. The MASS diagnostic carried out on Stripe's implant was not sufficient enough to find the malware that was affecting him. Currently, the rise in the use of mobile devices has led to the rise of "mobile malware" [2]. This has led to the need for new malware detection methods. Dynamic malware detection methods have been proposed, which use "device information such as the CPU usage, battery usage, and memory usage" to detect the presence of malware [2]. Considering the MASS implant's importance the the military and its vulnerable location within the soldiers' minds, the military should have created a more comprehensive testing system, beyond just the simple diagnostic. The damage done by the flashlight went unnoticed for the entirety of the diagnostic, giving no indication of the malware's presence. If the military created better ways to find malware on the MASS implants, perhaps through similar dynamic detection methods, then they would have found the malware at the diagnostic and prevented more harm.
In real life, if technologies that are similar to the MASS system are implemented in an organization, especially in the military, security must be the top priority. If a foreign country hacks into the system and controls it, they get to control the entire military. Not to say the potential to kill leaders, civilians, etc. The damage would be disastrous.
Reference:
[1] Lucian Constantin, “Ryuk ransomware explained: A targeted, devastatingly effective attack,” CSO (Online), March 19 2021. (10/10/2021)
[2] Sebastian Panman de Wit, Doina Bucur, Jeroen van der Ham, "Dynamic detection of mobile malware using smartphone data and machine learning," Digital Threats, August 2021. (10/11/2021)
