Modern field guide to security and privacy

How 'Blackhat' got hackers right: A Q&A with cowriter Morgan Davis Foehl

Morgan Davis Foehl explains how "Blackhat" avoided the computer cliches and technological gobbledygook of so many hacker movies that came before.

MRC Publicity
"Blackhat" screenwriter Morgan Davis Foehl

The first two attacks the bad guy hacker makes in "Blackhat" are a clone of Project Aurora, the US government test demonstrating a worst-case scenario cyberattack on a power plant, and a thumb drive exploit like the one that delivered the Stuxnet attack on Iran's nuclear facility. Throughout the movie, it's clear that writers Morgan Davis Foehl and Michael Mann (who directed) did their research. They get right what so many movies that came before got wrong. 

The movie is ostensibly about Nick Hathaway, played by Chris Hemsworth, being freed from prison to aid an FBI manhunt of an extremely destructive hacker – but for a generation of computer professionals used to being portrayed as timid weaklings, wisecracking sidekicks, and deus ex machina devices for magic computer powers, it's the first movie about the real world they live in. 

Passcode spoke to Mr. Foehl about the research that went into "Blackhat," the challenges of writing a movie about computers, and why, despite public bafflement Hemsworth is exactly as muscled up as he should be to play the star. Edited excerpts follow.

Passcode: It doesn't take long for "Blackhat" to establish how much research went into it. You draw from Aurora and Stuxnet within, what, the first 10 minutes?

Foehl: The script started to come together in 2011, and some of the things that were happening then were Aurora and Stuxnet. And some of the other things that were floating around in that time were the Albert Gonzalez and Max Vision cases – you were starting to see guys get sentenced to serious prison terms for offenses that were a different breed of criminal then you've seen before.

When you work with Michael, he has contacts and a Rolodex like nobody else in this business. So, early on in the process, even before we were working on a story in any meaningful way, I had the opportunity to travel with him to Washington where we sat down with ex-CIA guys, current FBI guys, State Department guys, Homeland Security people, and guys at think tanks and ask them: “What is happening now? What could be happening in two or three years? And what keeps you up at night and scares you?”

Passcode: What was keeping them up at night?

Foehl: One thing that stuck with me was a Homeland Security employee talking about a flash NASDAQ crash that really happened but did not turn out to be an attack. He said that the aftermath – if that had been an actual attack would have been far worse than the attack itself. People would lose faith in the markets and pull out – there could be a crash worse than 2008.

Passcode:  Beyond researching techniques, it’s pretty apparent you researched the people involved. Your star isn’t a 98-pound pushover, isn’t a wise cracking teenager, isn’t afraid of girls, and isn’t dressed to go to a rave. You have the actor who played Thor playing a normal guy grappling with prison psychology. What’s wrong with the hacker Hollywood knows and loves?

Foehl: That's been an interesting thing to watch as the movie came out. There's sort of a perception that when casting was announced that Chris Hemsworth was somehow miscast and it was funny because the script was written with his character being a big guy. We were trying to do something that was maybe a little subversive, but mostly an acknowledgement that maybe this world was a little broader and a little deeper than most people know. It came out of things we were hearing in DC – one of the people was talking about this ring of very orthodox Hasidic Jews that were also hackers. And you look at someone like [prodigious cyber-criminal] Max Vision, and he's a big and physical guy. 

When we started, Kevin Poulsen’s book “Kingpin” about Max Vision had just come out and I loved it – I thought it was a fantastic look into that world and a fantastic piece of nonfiction storytelling. Early on, I was beating my drum in Michael's office saying “This is the guy. We have to talk to this guy.”

What we took away from him was the many mindsets people have getting into this world. You get these Eastern European cybercriminals, and the motivation there is “I'm living at the fringes of this society that's kind of unjust and corrupt and I need to monetize something, and I can monetize this.”

That’s one mindset into the world. I think Kevin's mindset into the world is more fascinating and more sympathetic, and something I could relate to from back when we got our first PS/2 in 1987, which is wanting to understand how these things work – wanting to take things apart and rebuild them. And it’s fascinating to hear a guy as brilliant as Kevin talk about how that impulse becomes an obsession and then how that obsession can lead you into a place where all of the sudden you are standing at the other side of some prison bars.

We were looking at people like Max Vision or Albert Gonzolez who aren’t really the archetypal hardened criminal in a situation where what separates these guys from everyone around them – which is taking apart these systems – and then puts them in a system they can’t take apart. It’s a fascinating irony.

For me, in the movie, the main character Hathaway is a guy who is incredibly brilliant, but that brilliance brings about these self-destructive moments. For him, the investigation in the film is about whether his skills can transcend his self-destructiveness.

Passcode: The bane of movies about technology is that furiously typing on a keyboard is not much of a climax.

Foehl: You better believe it.

Passcode:  How do you get around that as a screenwriter?

Foehl: We used the globe in some ways as a metaphor for the story we wanted to tell – because this is about an interconnected world and about an ability to create an effect in China when your sitting in Jakarta. We tried to do that through travel and putting our characters in movement as much as possible so there was a trail to follow. Part of it is incorporating set pieces with the gunplay and part of it – without being too heady about something I wrote – is demonstrate these guys at a keyboard are doing things that spill over into the world that are tangible.

Passcode: Also, you called your movie “Blackhat.” How do you resist the urge to have a character physically wearing a black hat?

Foehl: We got lucky. We came to the title pretty late in the process  – obviously there are lines in the script, but for a long time this was “Untitled Mann Project.” Maybe if we named it early on, everyone would be in a different bowler or cloche. Maybe we could have gotten Helmsworth a top hat.

Passcode: This movie comes out at a really strange time, where some of the best advertising for the movie is coming out of the daily news – Sony and, to a lesser extent, Islamic State supporters tinkering with CENTCOM’s Twitter. How do you react to seeing your movie play out in real life?

Foehl: A lot of cognitive dissonance. I have a lot of friends at Sony. I've done work there in the past and you never want to see dirty laundry aired in the public. You end up thinking, “Well, maybe some of the things that might seem farfetched about the movie might not seem farfetched.” As someone who has tried to steep myself in this world a little bit, I was surprised that this attack wasn't something on a national scale, but on the scale of a single business. But mostly you think “Maybe I was on the right track.”


You've read  of  free articles. Subscribe to continue.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to