Welcome to the “Making of” blog for ForeScout’s “Unusual Suspects” video. The intent is to give you a sneak peak of why we made it and some of the fun, behind-the-scenes details that maybe only we find interesting.
If you’ve clicked on this blog, you’ve likely seen this video. If you haven’t, give it a quick watch (see if you can spot me).
When speaking to customers, one of the biggest concerns they have is how to find and secure all the random devices that connect to their network every day (#1 concern, btw, is how do I hire and retain good people). For corporate owned, managed devices like PCs and phones, it’s relatively easy to put an agent on them. But for personal or more random IoT devices that suddenly pop on to the Wi-Fi network, things get much more difficult.
This idea that the doorway into your organization is often a device you’d least expect to be connected to your network is what inspired the “Unusual Suspects” concept. If you weren’t looking for it or didn’t know it was even on your network, it would be pretty hard to secure it. The opening suspect line-up joke was something we envisioned from the start, but to be honest we weren’t quite sure where to go from there.
One of the obvious devices on every corporate network is your friendly, neighborhood printer. Printers are now faxes, scanners, and document repositories and given that they have access to critical corporate data, they’re increasingly targeted by hackers looking for sensitive docs or the ability to propagate malware across the network (plus everyone hates their printer).
That being said, any device you might buy at an electronics or hardware store may be a networked connected device.
One of the first ideas we had was to make the key IoT device a refrigerator in our break room. In fact, one of our hacker friends, Jerry Gamblin, noted that it is very easy to hack vending machines as the default passwords are often left unchanged.
Showing how the hacker breaks through the IoT device and then gets inside your organization was a real technical challenge. We went through a number of potential options before settling on the invisible man concept. Making it look good required a lot of green screen, a very talented actor (and trained mime) and one of the best CG guys in the business.* Each scene featuring an invisible hacker required a lot of takes and angles. The actor wore a green suit the entire day and was forced to go in and out of multiple devices which were mimicked by cardboard cut outs (the printer, the TV and the tablet).
The setting for the video was also important to capture the right vibe. The opening scenes are shot in a slightly out dated office, and the characters were selected and dressed to be slight out of style. Sadly, this was filmed in the ForeScout corporate office in Campbell, California and many of the extras in the scenes are ForeScout employees (obviously make-up and wardrobe made us look much worse on film than the handsome/pretty people we are in real life). Do note that we’ll be moving to our shiny, new offices in a few months, so we’re good. ☺
The “new” office was shot in a modern office setting in San Francisco. The actors in those scenes were show to be young, vibrant and fashionable.
Surprisingly, the hardest scene to shoot, and the one that took the most time and takes, turned out to be the lineup itself and the zoom in to the printer. The angle and camera distance had to be the same when filming in the studio with the “criminal suspects” (very nice guys, btw) and in the ForeScout offices.
We would be remiss if we didn’t give a shout out to our team. The video was developed with GB Films and their fabulous team. It was directed by Andy Hill and produced by Cheryl Rosenthal. Check out their site to see the other cool projects they’ve done.
We hope you enjoyed the video and that it helped articulate the IoT security problem that most organizations are facing. For more info on how to combat the problem, check out our website and for the latest news about IoT security, check out our news page.
That’s a wrap…
* CG by Hectic Digital.