Hacktivists and Watch Dogs: How real-world threats inspired Ubisoft Montreal's new open-world

Once relegated to campy and inaccurate parodies in Hollywood movies, hacking is increasingly becoming a part of our daily lives. With the PlayStation Network, LinkedIn, Twitter and, most recently, Target all being attacked, as well as the countless attacks fielded by various "hacktivist" groups, computer technology and security issues are becoming impossible to ignore. The group known as LulzSec, a disparate band of anarchists, managed to take down over a dozen websites and services, including the PSN, for months.

As our world becomes increasingly interconnected, the potential vulnerabilities grow exponentially. Our lives, and especially the infrastructure on which they rely, have never been more vulnerable. If Watch Dogs – Ubisoft's recently delayed open-world, multiplatform title – could be said to have a point, that would be it.

"People should question technology and their relationship to it," one of many on the Watch Dogs team that have decided to to 'take control of their digital lives,' tells me. "The more we put ourselves in the online world the easier it is to be exploited, and many people are completely blind to how fast their world is changing."
Gallery | 6 Photos

Watch Dogs (5/10/13)

The information a player can pull from characters in Watch Dogs isn't too challenging to obtain in real life about real people. Medical records, Graham says, are still a ways off, but if you can access the majority of someone's social media profiles, you can start making very reliable predictions about who they are and what they're hiding – regardless of what is or isn't "private." Even more disconcerting, he says, is that cell phones themselves are rapidly becoming insecure. Hackers have successfully discovered how to dupe phone companies and intercept calls, texts and data. Given the degree to which people utilize their smart phones in the modern era, the infrastructure that we have come to rely on for convenience and connectedness creates a glaring weakness. That, combined with the inadequate approach we have towards cyber security leaves us woefully defenseless.

This crater in real world security was the basis of important mechanics in Watch Dogs. Aiden Pierce, the game's protagonist, has the ability to tap into any person's phone with the touch of a button as he walks the streets of Chicago. Although the game's version of this invasion of privacy is quick and flashy, its core concept – the ability to take control of anyone person's phone to listen in on conversations or steal data – is based on reality.

Sitting with Graham over the next few hours, I'm told about some of the largest cyber-attacks in history, how various cities around the world were starting to implement the same kind of "big brother" technology seen in Watch Dogs and just how completely unprepared, unaware and unprotected the general public is. These stories inspired the narrative of Ubisoft Montreal's next game.

As the world grows impossibly complex, we've begun implementing new kinds of technology to help us manage it all. Supervisory control and data acquisition (SCADA) infrastructures – a computer-based industrial control system – have been at the forefront of that trend. SCADA computer network systems monitor and control major industrial processes, such as power generation and water treatment, in the physical world by a handful of authorized individuals. Early SCADAs used proprietary technology, so if any one piece failed, the system would be extremely difficult to repair. They were physically isolated and relatively few people at the time had the expertise to maintain them properly. That's not exactly a weakness you want to have in a critical element of your infrastructure. The solution, however, was arguably much worse. Modern systems are organized into huge networks so that they can be effectively managed and monitored from a various centralized locations around a region. From the perspective of an organization, that's a huge advantage, but it also means that an attack on a single site can disturb an entire network, putting the power of a large region or even an entire state at risk if security at even one location is compromised.

The first attack took everyone by surprise. A worm dubbed 'Stuxnet' infiltrated at least 100,000 systems between 2009 and 2012. Targeting very specific SCADA networks, the virus had a level of sophistication and complexity that, at the time of its discovery in 2010, was inconceivable. Following the discovery, a director at Symantec, one of the world's leading security firms, went on record to say, "The real world implications of Stuxnet are beyond any threat we have seen in the past. [It] is the type of threat we hope to never see again."

Its only discernible purpose was to disrupt Iranian nuclear enrichment programs, though research into the virus' code has since shown that is indeed capable of much, much more. Allegedly engineered by the United States and Israeli governments, the computer worm served as major inspiration for Watch Dogs; so much so, in fact, that the intro for the game's E3 demo was based largely on a Stuxnet/SCADA information video. Other national governments, jolted into the emerging landscape of electronic espionage and digital warfare, began reassessing their options and current strategies. The global community was caught off-guard, woefully underprepared for this new generation of invisible conflict.

Stuxnet was one of the largest cyber-attacks in history, but is far from the only one its type. More recently software like Flame (a suspected Stuxnet descendent) and Red October have appeared. Each of them sporting incredibly advanced code that, according to security experts, could only have come from national governments or obscenely wealthy private organizations. The most terrifying revelation regarding these tiny bits of software are how their very existence weren't known about for years after their initial deployment. Virtually anything could be on any given computer right now and, if the code is as sophisticated as these large-scale attacks, the best in cyber security would have no idea they exist.

While massive infiltrations such as these are unnerving, in some ways they pale in comparison to the potential risk posed by a new generation hackers and an intricately connected, yet poorly secured world. Late in 2011, a water utility in Illinois was hacked by a private entity in Russia, proving that it doesn't take much to breach the security of the most important arteries of modern civilization; a computer on the other side of the world will suffice.

"I think the point I [am] making with you [is] that what we are proposing in our game is exactly how plausible or grounded in reality our hacking game play really is. On the surface it seems fantastic and a bit sci-fi, but a dedicated hacker could plausibly do all the things we do through exploitation in SCADA system weakness," Graham says.

Watch Dogs' version of the real-world SCADA is CTOS – a fully-integrated system for managing and controlling the core functions of the city of Chicago. Trains, bridges, traffic lights, CCTV cameras and water utilities are all tied directly into one massive system; a one-stop-shop for hackers in game. It may seem a bit farfetched at first, that no one in their right mind would ever connect so many disparate mechanisms, but even that has taken a few steps closer to reality. Recently the city of Glasgow, UK, successfully bid for and won £24m to it become a "smart city" – beating out the likes of other major metropolitan areas such as London. Apps that monitor traffic, networking CCTV cameras and analytical software meant to help proactively prevent crime are all slated to be brought online within the next few years. It's unlikely anyone will be able to control such systems with the dramatic flair offered by Watch Dogs, but similar systems can and have been compromised in the past.

In modern civilization, no one is beyond the scope of technology. More often than not we lure ourselves into an artificial feeling of safety and it is information-age conspiracy theorists that have been vindicated. PRISM, the NSA's rather extensive monitoring program was, if nothing else, a clarion call for us to reexamine our relationships with the devices and services we use regularly.

"We are inspired by Anonymous as well as state-sponsored hackers and the tales of corporate espionage but we decided to create fictitious factions for the game," Graham says of the groups found within Ubisoft's Watch Dogs.

One of those organizations is known as DedSec, LulzSec's Watch Dogs analogue. Throughout a recent extended trailer for the game, the group's logo is clearly visible in several places, highlighting potential escape routes and environmental tools that protagonist Aiden Pierce can use. While DedSec is the only faction Graham mentions by name, he assures me there are others, stating that the game centers on Aiden's "dealings with [them]".

These digital mobsters each have some degree of control over the CTOS, and by extension Chicago itself. They aren't a secret to the general public of the game word, though. Near the beginning of the PS4 announcement demo, a man on the street can be overheard complaining about being late for work because one of the "gangs" shuts down the bridges.

Many of us rely on our phones, our laptops, and our search engines and more to make our lives easier, to keep things simple and convenient, but almost never question how vulnerable we are. Recent real world news indicates society can never and may never again be able to ensure its privacy. Our entire livelihoods are digital, and when nothing can be locked down and secured, everything is vulnerable to attack.

The narrative found in Watch Dogs follows an accelerated version of society's vulnerability, using real world examples as the basis for its encounters and villains.

"It's important as creative people to observe the world around you and to make a statement in your work about what it means to you," Graham says. That is what Watch Dogs sets out to do, a game that may force us to think our time, about our generation, and about the adolescence of the information age.

Dan Starkey is a freelance writer based out of Minneapolis, MN. His work has been featured on GameSpot, IGN, Eurogamer and more. Follow him on Twitter.

This article was originally published on Joystiq.