Yep. As a programmer, the encryption of the data instead of deletion immediately jumped out at me. I guess there's a chance it was done to sound more menacing to the audience, but I doubt that given the relative accuracy of the tech in other episodes.
No, this is completely 100% technically accurate. It's exactly how you'd go about doing it because any other way wouldn't work.
Imagine you have terabytes and terabytes of data stored across thousands of servers in a giant secure data center.
What happens when you try to destroy all of it?
Ok, suppose you just run a script on every server that does "del *.* /s" or "rm -rf"?
First of all, that doesn't actually delete anything, it just removes the file system's references to the data and marks those sectors as "not in use". You can go to the raw sectors on the disk, and reconstruct anything that hasn't yet been overwritten. Not good enough.
Ok, so just start filling all the files with random junk? Well, that solves that problem, but then you run into more problems.
Deleting data this way is easily detectable. As things get deleted, apps are going to start failing or crashing, if their antivirus doesn't catch you first.
That means someone is going to notice.
Worse, writing junk over everything takes a really long time. A disk might be 4 TB, but only be able to write at 200 MB/s, meaning it will take over 5 hours to wipe.
This means you're easily detected *and* they have ample time to yank power and save most of their data.
Ok, now instead imagine that you install a piece of malware in every server. It loads into the storage driver stack of the target OS, just above the disk driver, but below the file system driver.
If the server issues a read, it reads from the disk and transparently decrypts the data. If the server issues a write, it transparently encrypts the data and writes it to the disk.
Without carefully inspecting the servers for your malware, no one has any clue what's going on. If you do it right, no one will know, except that every read and every write is just a tiny bit slower.
Then you wait, as your malware slowly encrypts all of the disks in the data center.
Once the last sector on every disk on every server in the data center is encrypted (which could take days or weeks), at that time, you erase JUST the encryption key (which takes milliseconds), then crash every server.
Almost instantly, the whole data center is *gone*. They had no time to react, no time to cut the power, no time to save anything, and no idea anything happened.
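
A defender's view of the reply above, as an added example that is not part of the original thread: since the layer it describes sits below the file system and decrypts reads transparently, a check has to look at the raw disk from outside the host's own storage stack (an offline image or snapshot is assumed here). The function names, the 7.0 and 0.9 thresholds and both sample images are constructed for illustration.

```python
import math
import struct

SECTOR = 512

def shannon_entropy(block: bytes) -> float:
    """Shannon entropy of a block in bits per byte (0.0 to 8.0)."""
    if not block:
        return 0.0
    counts = [0] * 256
    for b in block:
        counts[b] += 1
    n = len(block)
    return -sum(c / n * math.log2(c / n) for c in counts if c)

def has_cleartext_signature(image: bytes) -> bool:
    """True if a standard boot, partition or filesystem marker is readable."""
    mbr = image[510:512] == b"\x55\xaa"
    gpt = image[512:520] == b"EFI PART"
    ntfs = image[3:11] == b"NTFS    "
    ext = len(image) >= 1082 and struct.unpack_from("<H", image, 1080)[0] == 0xEF53
    return mbr or gpt or ntfs or ext

def assess_raw_image(image: bytes, threshold: float = 7.0) -> dict:
    """Summarise a raw image that was read out-of-band (assumed, see lead-in)."""
    sectors = [image[i:i + SECTOR] for i in range(0, len(image), SECTOR)]
    high = sum(1 for s in sectors if shannon_entropy(s) >= threshold)
    ratio = high / len(sectors) if sectors else 0.0
    signature = has_cleartext_signature(image)
    # Compressed data is also high-entropy, so require both signals together.
    return {"high_entropy_ratio": ratio, "signature": signature,
            "suspicious": not signature and ratio > 0.9}

def sample_plain_image() -> bytes:
    """Constructed sample: mostly empty volume with an ext-style magic number."""
    img = bytearray(64 * SECTOR)
    struct.pack_into("<H", img, 1080, 0xEF53)
    img[8 * SECTOR:8 * SECTOR + 510] = b"quarterly report " * 30
    return bytes(img)

def sample_scrambled_image() -> bytes:
    """Constructed stand-in for ciphertext: every byte value equally frequent."""
    return bytes(range(256)) * 2 * 64

if __name__ == "__main__":
    for name, img in (("plain", sample_plain_image()),
                      ("scrambled", sample_scrambled_image())):
        print(name, assess_raw_image(img))
```

The same image read through the running OS would look like the plain sample, which is why the comparison only means something when the raw read bypasses the host.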