Editor’s note: This article contains plot spoilers.
Society’s understanding of technology and cybersecurity often is based on simple stereotypes and sensational portrayals in the entertainment media. I’ve written about how certain scenarios are entertaining but misleading. Think of black-clad teenage hackers prowling megacities challenging corporate villains. Or think of counterintelligence specialists repositioning a satellite from the back of a surveillance van via a phone call.
But sometimes Hollywood gets it right by depicting reality in ways that both entertain and educate. And that’s important, because whether it’s a large company, government or your personal information, we all share many of the same cybersecurity threats and vulnerabilities. As a former cybersecurity industry practitioner and current cybersecurity researcher, I believe the final season of “Star Trek: Picard” is the latest example of entertainment media providing useful lessons about cybersecurity and the nature of the modern world.
So how does “Star Trek: Picard” relate to cybersecurity?
The nature of the threat
The show’s protagonist is Jean-Luc Picard, a retired Starfleet admiral who commanded the starship Enterprise-D in a previous series. Starfleet is the military wing of the United Federation of Planets, of which Earth is a member. In Season 3, the final season, Picard’s ultimate enemy, the Borg, returns to try conquering humanity again. The Borg is a cybernetic collective of half-human, half-machine “drones” led by a cyborg queen.
The Borg has partnered with other villains and worked for over a decade to deploy hidden agents able to compromise the DNA data contained in the software underpinning the transporter – a teleportation device used regularly by Starfleet personnel. Over many years, a certain subgroup of Starfleet personnel had their DNA altered by using the transporter.
Thus, in launching their final attack, the Borg is able to instantly activate thousands of “drones” to do its bidding in the form of altered, compromised Starfleet personnel. As Geordi La Forge, the Enterprise-D’s engineer, notes, “They’ve been assimilating the entire fleet this whole time, without anyone ever knowing it.”
Instead of malicious software taking over computers, the plot involves malicious genetic code taking over humans.
The Borg’s prolonged, stealthy infiltration of the federation is indicative of how today’s most effective cyberattackers work. While it’s relatively easy to detect when hackers attempt to breach a system from the outside, experts worry about the effects of an enemy infiltrating critical systems from within. Attackers can put malicious code in software during manufacturing or in software updates, both of which are avenues of attack that do not arouse suspicion until the compromised systems are activated or targeted.
This…
