A Cyber Seat at the Oscars: Hollywood’s Best (and Worst) Films About Hackers and Cybersecurity

Hollywood’s fascination with all things cyber won’t get much Oscar love at Sunday’s Academy Awards ceremony.

Films in the past year have explored a range of issues that keep security leaders up at night, from cyberattacks on the power grid (Leave the World Behind) to insider threats (Reality) to evil AI (M3gan), but only Mission Impossible: Dead Reckoning, with its AI villain known as “The Entity,” has nabbed any Oscar nominations. The Tom Cruise action blockbuster scored noms for best sound and best visual effects.

With some exceptions, most great – and not so great – cyber films end up living in our hearts rather than taking home trophies. They are those cult classics we love, and love to hate.

Threat hunting starts here, with a way to protect your entire environment that’s simple, flexible, and accurate.

With Hollywood’s big night fast approaching, I got to thinking about the silver screen’s best takes on cybersecurity, specifically movies that illuminated hackers and their world in new and powerful ways – and got the tech right (or at least didn’t mess it up too badly).

Shall we play a game?

So here goes: my (thoroughly unscientific) picks for the best cybersecurity films of all time, and a few head-scratchingly inaccurate entries that go completely off the rails. (What’s any best list without the worst?)

WarGames (1983)

Hit or miss? HIT—In the midst of the Cold War, the life of a teenage computer hacker (Matthew Broderick) turns upside-down when he accidentally hacks into a military supercomputer and nearly starts a nuclear World War III.

Why it’s good: Hollywood’s first depiction of a teenage hacker (smart, lazy, more curious than cautious) is spot-on, and a refreshing contrast to what would become the hacker-as-nihilistic-villain trope. The film also touches on myriad tech issues that are increasingly relevant today, including the problem with passwords (Broderick and gal pal Ally Sheedy figure out a key password through clever detective work), the benefits of automation, and something emphasized in today’s discussions about AI: the need to keep humans in the loop. It also actually freaked out then-President Ronald Reagan and members of Congress enough that it prompted the creation of actual cyber policy.

And not without reason. Besides the vulnerabilities laid bare, the film’s freakishly detached yet upbeat computer voice as it rains down Armageddon – “Shall we play a game?” – stays with you. Perhaps if Siri or Alexa sounded more like this AI, we would be a little less inclined to welcome them so blithely into our lives.

[Read also: It’s not just Oppenheimer – even Barbie has something to say about the rise of AI and our shot at getting it right]

Sneakers (1992)

Hit or miss? HIT—A squad of hackers hired to test the security of large enterprises stumbles upon a black box capable of decoding any encryption system and a sinister plot by a hacker-gone-rogue (see villainous trope, above).

Why it’s good: Proclaimed for its star-studded cast (Robert Redford, Sidney Poitier, Ben Kingsley, River Phoenix) and classy production values, this caper made hacking look cool without being laughably improbable. Particularly on target: the scenes where the hackers use social engineering on security guards to infiltrate an organization (at one point impersonating an alarm company rep).

There’s a war out there, old friend. And it’s not about who’s got the most bullets. It’s about who controls the information.

Then there’s that line about how “little ones and zeroes” run the world (or, in 1992, soon would). “There’s a war out there, old friend. And it’s not about who’s got the most bullets. It’s about who controls the information.” Eerie.

[Read also: Misinformation / disinformation, part 1 – this year’s coming crisis and the enterprises most at risk]

Hackers (1995)

Hit or miss? MISS and HIT—This classic so-bad-it’s-good flick follows a band of rollerblading teen hackers framed for a terrorist attack.

Why it’s good: Angelina Jolie, Jonny Lee Miller, Laurence Mason, and Matthew Lillard offer up a treasure trove of memes (“Hack the planet!”), style tips (those round John Lennon glasses were huge in the ’90s—mine were purple and I still miss them), and ridic’ technobabble, getting the actual technology wrong but the overall hacker vibe oh-so-right (as even hackers will attest). And then there’s that Prodigy- and Orbital-fueled soundtrack.

The Net (1995)

Hit or miss? HIT and MISS—A loner systems analyst (Sandra Bullock) in possession of a mysterious floppy disk goes on the run after her identity is erased by digital conspirators.

Why it’s good and stinks: This film introduced audiences to the (still new at the time) concept of identity theft, and was prescient about how much we’d soon be able to do online (booking airline flights, ordering Domino’s pizza). It’s also a goofy time capsule with completely unrealistic depictions of hacking viruses that melt your screen, but c’mon, it’s a movie, people. What’s most unforgivable is the “secret” hacker’s backdoor, which is so obvious on the web page it might as well be labeled “For Secret Hacker’s Backdoor, Click Here.”

[Read also: Machine learning in cybersecurity – a primer for beginners]

Independence Day (1996)

Hit or miss? MISS—A rollicking alien-invasion adventure that hinges on the combined know-how and chutzpah of a U.S. Marine pilot (Will Smith), a president (Bill Pullman), and a technogeek (Jeff Goldblum).

Why it stinks: I get that screenwriters must take certain liberties to liven up things that are super-dull IRL, but Goldblum’s hacking the computer system of a super-advanced alien civilization with just his handy Mac PowerBook? (With an 8MB hard drive and no high-speed Wi-Fi yet, mind you.) It still leaves my jaw scraping the floor even now as I think of it.

The Matrix (1999)

Hit or miss? HIT—This blockbuster franchise launch delivers a dystopian world in which supermachines have trapped clueless humans in a simulated reality, as a computer programmer (Keanu Reeves) soon discovers thanks to a band of rebels with a penchant for black trenchcoats (hat tip to Samuel L. Jackson).

Why it’s good: What Jaws did for the ocean The Matrix does for everything around us. Watch this movie (written and directed by the Wachowskis, who essentially envisioned the world’s biggest deepfake), and you come out afterward seriously questioning how real our reality really is. The film won four Oscars, made its way into college syllabi, and still catalyzes conversations about AI, privacy, disinformation, and the implications of our digital era.

Swordfish (2001)

Hit or miss? MISS—An ex-con hacker (Hugh Jackman) is forced into a bank-robbing conspiracy by a government operative with a soul patch (John Travolta).

Why it stinks: Even Halle Berry’s appearance can’t redeem this flop, with its disturbing facial hair, lame characters (Jackman plays Stan Jobson… hmm, which Apple founder might that be subtly referring to?), and those endless shots of feverish keyboard tapping to indicate hacking techniques that bear no relation to anything real. This one doesn’t even make it into the so-bad-it’s-good category.

[Read also: These films won’t win any Oscars, but they might save your company]

The Imitation Game (2014)

Hit or miss? HIT—This biopic of Alan Turing, the father of modern-day computer science (played with prickly panache by Benedict Cumberbatch), is not about hacking per se, but the tale – which won an Oscar for best adapted screenplay – illuminates a vital detail usually missing from hacker films.

Why it’s good: As Turing and his band of plucky British cryptographers strive to develop what is essentially the world’s first computer, hoping to infiltrate Nazi communications and crack their Enigma code, they learn a hard truth: Cracking the code is just the beginning. Keeping that a secret can be just as tough. Most hacking films are all about the break-in, the moment a network is breached or a computer infected, at which point the screen pixelates in a dramatic phantasmagoria.

“Obviously, it’s not how viruses work,” conceded Todd A. Marks, a video consultant and display graphics supervisor on The Net, in a 2020 interview. Real data breaches are usually much more covert and take about 200 days to spot, during which time cybercriminals are siphoning as much sensitive data as they can. Hence the need for sensitive data monitoring tools and threat hunting teams, though such key defenses are not terribly interesting visually. “It’s a movie, not a documentary,” Marks reminds us.

Fair enough. It’s also, increasingly, real life.