Today as most of the fans of the Star Wars world we will watch one or a few of our favorite Episodes and geek out with our friends about story arcs and cannon. There was a perspective I had not considered until a few years ago. Princess Leia and R2-D2 were fleeing with plans stolen from the Empire. Or to put it another way, They were hackers that breached the Empires computer system and exfiltrated that data on a bot.
So double down on the geek out. I got to ask myself, "What was the security process that was broken to allow a hacker and her droid to steal the information?"
The first layer was physical security and I think Princess Leia may have social engineered her way into the location. Allegedly.
Then R2, which is a mech droid is apparently outfitted with a Hacker Toolkit. Like an R2 Kali Linux fork or maybe he is like the Flipper. R2-D2 can access any Empire information from the com port. I think on the defensive and I was like, "should have had port security turn on or had the unused port turned off." Then all the speculation if its like IP networks we have, did they separate the traffic? Is there policies or firewall rules in place? Then was there any authentication? Did R2-D2 use stolen credentials? Did the Empire not change the default user name and passwords. How was R2-D2 so skilled at circumventing the security. I assume there was sort of security due to the fact that alarms do go off in other Episodes and guards are sent to the area.
In the end it was devastating in that the information stolen in the Data Breach caused countless lives to be lost and turned the tide on the Empire. We as fans who are security and network experts go down the rabbit hole on what could have been done to protect that information. Hope is not a plan for Cybersecurity. There is one positive note we seem to agree on, that Darth Vader had a solid response plan. He gets into pursuit quick enough that data couldn't be transmitted from the ship. That goes down another path, What is quick enough? Was there an SLA?
Hours of fun debate using the same Cybersecurity skills that we use in real life. I grew up rooting for with Rebellion, but I'd like to think if I had to secure the Empires information, the story might have ended at Rogue One.
--- Nicholas D.
CEO, FIGJAM Technologies Inc.