Why I Finally Watched 28 Days Later (And Immediately Had to Restart It)

I avoided watching 28 Days Later for as long as it's been out - simply because I do not like the majority of horror movies*. However, with the recent release of 28 Years Later, my friend told me the franchise was post-apocalyptic horror. I could still care less because post-apocalyptic themes do not move me. What did move me was being reminded that a youthful Cillian Murphy was in the film.

*I make exceptions for psychological thrillers, vampires and zombies, but jump scares and gore? No thanks.

As soon as the film started, risk alert bells started ringing in my head. So many security issues in the first scene, I had to restart it from the beginning to properly count them all.

How Did Three Activists Nearly End Humanity?

The opening scene shows three animal rights activists breaking into what's supposed to be a high-security research facility. They cover some cameras, use a keycard to get into restricted areas, and end up releasing an infected chimpanzee that kicks off the apocalypse.

But here's what struck me on the second viewing: this wasn't just movie logic making things convenient for the plot. Every single failure that happens is something I've seen in real security assessments.

The activists knew exactly where the cameras were positioned. They had working keycard access. They understood the facility layout well enough to navigate to the most sensitive areas. That level of knowledge doesn't just happen - someone either helped them, they spent time watching the place, or they got information through social engineering.

Yet nobody detected this reconnaissance phase. The cameras they covered weren't being actively monitored. The keycards worked without any additional verification. Most telling of all, the most dangerous part of the facility - a room full of infected, aggressive test subjects - was being managed by one scientist with no backup.

When Everything Fails at Once

What fascinated me was watching how each security weakness enabled the next failure. The activists got past the perimeter because physical security was minimal. They accessed restricted areas because the keycard system had no two-factor authentication. They reached the lab because there were no escort requirements for people in sensitive zones.

Then, when the single scientist discovered them, he made every decision that security training tells you not to make. Instead of retreating and triggering lockdown procedures, he tried to reason with people who had already committed breaking and entering. When he realised they were about to release dangerous subjects, he kept trying to explain rather than taking defensive action.

The activists, meanwhile, came prepared to photograph evidence and cut through locks, but had no plan for safely handling large, agitated primates. When warned about lethal contagion, they dismissed it completely.

Both sides let emotion override risk assessment. The scientist felt he could prevent disaster through persuasion. The activists felt committed to their mission despite new evidence about danger. Neither party stepped back to reassess when the situation changed.

The Moment Everything Cascaded

The second one activist opened that cage, I could see exactly how security breaches escalate in the real world. One compromised point becomes multiple compromised points within minutes. The infected chimp attacks the person who released it. She attacks her companions and the scientist. What should have been contained to one room becomes the beginning of societal collapse.

This is exactly what happens with cybersecurity incidents. Someone clicks a phishing email. That gives attackers network access. Network access leads to data theft. Data theft leads to identity fraud or financial loss. One small vulnerability, properly exploited, cascades through interconnected systems.

Any single improvement could have stopped this. Better camera monitoring. Two-factor authentication on access cards. Multiple staff in high-risk areas. Proper containment protocols. The film shows how accumulated small compromises create catastrophic single points of failure.

What the Survivors Got Right

Here's where the film becomes really interesting from a security perspective. Jump forward 28 days, and watch how the survivors behave compared to those trained professionals.

Selena and Mark developed immediate threat detection protocols. They can identify infected individuals within seconds and respond without hesitation. When Mark supposedly becomes infected, Selena kills him immediately - no arguments, no hoping for the best, just immediate threat elimination.

Later, when Frank realises he's been infected, he warns the other survivors to stay away. He doesn't hide his condition or try to manage the risk - he follows the protocol that protects the group, even knowing it means his death.

These ordinary people with no training implemented better security thinking than the research facility. They understood that some threats require immediate response rather than negotiation. They prioritised group safety over individual comfort. Most importantly, they learned that some risks are simply too high to accept.

The Real Cost of Security Shortcuts

Watching 28 Days Later through a security lens, what struck me most was how preventable everything was. The research facility cut corners - probably to save money or increase convenience. Single keycards instead of multi-factor authentication. Minimal staffing in high-risk areas. No proper monitoring of security systems.

Each individual shortcut might have seemed manageable. Together, they created a cascade of vulnerabilities that turned activists with wire cutters into an extinction-level event.

In our connected world, this same pattern plays out constantly. A single compromised server might not seem like much, but if it connects to financial systems, critical infrastructure, or personal data for millions of people, the cascading effects can be enormous.

The survivors succeeded because they developed clear threat assessment procedures, implemented immediate response protocols, and made hard decisions based on risk rather than emotion. They took threats seriously and responded appropriately.

What would you have done if you were the scientist who discovered the activists? And as wild as it sounds, can you relate to any part of this movie - maybe a time when you had to make quick decisions under pressure, or when you noticed security gaps that others missed?

The thing that stays with me isn't the zombie apocalypse part - it's how ordinary people under pressure made better security decisions than experts in controlled environments. Makes you think about what really matters when everything goes wrong: following protocols, or actually understanding why those protocols exist in the first place.

Simple Terms Explained

Defence in Depth: Multiple layers of security measures, so if one fails, others still protect the system. Like having door locks, an alarm system, and security cameras - not just relying on one protection method.

Single Point of Failure: A part of a system that, if it fails, causes everything to fail. The facility's single keycard access meant that once compromised, all security was compromised.

Reconnaissance: Gathering information about a target before attacking. The activists learning camera positions and access procedures before their break-in.

Two-Factor Authentication: Requiring two different types of verification to access something. A keycard plus a fingerprint, or a password plus a phone code.

Cascade Failure: When one failure triggers additional failures in a chain reaction. The single security breach led to infected chimp escape, human infection, and societal collapse.

Social Engineering: Manipulating people to give up information or access. Could be how the activists learned about the facility's security setup.