YubiKey’s Hollywood Cameo Trips up Bad Guys

January 19, 2015 2 minute read
Blackhat movie

The YubiKey made it into Hollywood’s spotlight last weekend, taking on a plot-turning cameo appearance in the movie Blackhat. (Cue the suspenseful music).

When it was all said and done, the YubiKey showed some of the power of two-factor authentication – not in terms of fingering (pun intended) the suspect, but narrowing the field of potential culprits to whomever had physical access and touched the key.

In a cinematic trick, the YubiKey took the role of a biometric device, something it is not in real life.

Blackhat’s plot involves the pursuit of a hacker who has attacked a Hong Kong nuclear plant, causing an explosion. He then moves on to Chicago’s Mercantile Trade Exchange, causing pricing chaos.

The Hollywood twists and turns include little you’d find in a server room or the day-in-the-life of a developer including a bad boy convict, international security teams, globe hopping, car chases, hand guns, heavy artillery, grief, triumph and romance. Ok, maybe heavy (video game) artillery.

As the search for the perpetrator begins, it is quickly narrowed down by a hot lead provided indirectly by the YubiKey.  The key allows the good guys to ascertain the sophisticated hack began as an inside job, since whomever infiltrated the systems had to have touched the key to access sensitive data.

Ah, the power of touch. At least the film got that right.

The touch of YubiKey’s capacitive sensor is a key feature, proving physical user presence – something a hacker or a Trojan can’t do over the network.

Other hacker movies may want to consider the YubiKey in any number of other whitehat roles.

In real life, YubiKeys are used for physical access to offices, logging into servers, or accessing Gmail or Salesforce or GitHub, or WordPress or many other apps. Options include Mifare Classic, OTP, TOTP, U2F, NFC, Windows login/RDP with PIV, and SSH via PGP.

Now there’s a blockbuster lineup of good actors.

Perhaps we need a sequel. (Actually, while the cybersecurity scenes were fairly realistic and believable, Blackhat overall isn’t up to a sequel).

Here’s a look at the YubiKey’s cameo – don’t blink at 00:43 seconds.

Share this article:

Recommended content

How YubiKeys are made: Security at scale

The first YubiKey was manufactured in Sweden in 2008. A few years later, part of our team moved from Stockholm to California, and we expanded our production capabilities to this part to the US West coast. It was a conscious choice to manufacture our products in the two democratic countries that were close to our ...

New Yubico for Free Speech Program Arms Nonprofits with Strong Authentication

2020 continues to be a challenging year in many ways for all of us, but today, we’re proud to share some hopeful news — Yubico is introducing the Yubico for Free Speech Program, an initiative designed to defend digital privacy, online security, and free speech for at-risk individuals and nonprofit organizations. As of July 1, ...

Star Wars Day Promo: May the 4th Be With You!

You don’t have to travel to a galaxy far, far away to find a more wretched hive of scum and villainy. Sadly, our world is facing an ever-growing number of phishing attacks from data smugglers (work with us here). But there is hope. A new force has awakened… You. And you’re armed with this… a ...

Why we designed the YubiKey the way we did

The first YubiKey was launched in 2008, inspired by the word ‘ubiquity’ and with the mission to make simple and secure logins available for everyone. At the time, we were less than 10 people in the company, but our strategy was simple: if we focused on further developing the YubiKey technology in close collaboration with ...