Stronger Cybersecurity Could Have Saved the Death Star
Posted by: Timothy Weaver on 12/19/2015 10:18 AM
[
Comments
]
The people at WeLiveSecurity studied the Empire's data security measures and found that the emperor and Darth Vader allowed several oversights. Those oversights led to Luke being able to fire into the crucial and vulnerable two-meter wide exhaust port and detonate the Death Star at the culmination of the first movie.
What WeLiveSecurity found was that the Empire was ignorant, and the Rebel Alliance understood, the importance of end to end encryption.
“Leia understands that if R2-D2 is captured, she can feel somewhat confident that the sensitive data will remain secure – in other words, while it might now be in the hands of the bad guys, it's still unreadable. Only Obi-Wan has the key needed to decrypt the message, meaning the princess' secret plea for his assistance can only ever be unlocked by the Jedi Master,” WeLiveSecurity said.
Grasping the importance of social engineering and being able to defend against it was another issue for the Empire. Obi-Wan used The Force to fool the storm troopers into letting them pass while in Mos Eisley. Had the Empire instituted better security, Luke and Obi-Wan would have been arrested.
“Had they been aware of social engineering techniques, like Jabba the Hutt in Return of the Jedi, then Obi-Wan may have had to have resorted to bypassing security in another way,” WeLiveSecurity said.
The Death Star happily locked onto the Millennium Falcon with a tractor beam and brought it aboard having no idea the ship contained the implements of its destruction, just like any computer Trojan that is allowed to enter a company network.
“If you don't invest in strong passwords and 2FA solutions, then, coupled with an open access policy to your network – as opposed to only senior employees possessing the rights to this – you're likely to experience some sort of data breach, big or small and intentionally or otherwise,” WeLiveSecurity concluded.
Source: SCMagazine
What WeLiveSecurity found was that the Empire was ignorant, and the Rebel Alliance understood, the importance of end to end encryption.“Leia understands that if R2-D2 is captured, she can feel somewhat confident that the sensitive data will remain secure – in other words, while it might now be in the hands of the bad guys, it's still unreadable. Only Obi-Wan has the key needed to decrypt the message, meaning the princess' secret plea for his assistance can only ever be unlocked by the Jedi Master,” WeLiveSecurity said.
Grasping the importance of social engineering and being able to defend against it was another issue for the Empire. Obi-Wan used The Force to fool the storm troopers into letting them pass while in Mos Eisley. Had the Empire instituted better security, Luke and Obi-Wan would have been arrested.
“Had they been aware of social engineering techniques, like Jabba the Hutt in Return of the Jedi, then Obi-Wan may have had to have resorted to bypassing security in another way,” WeLiveSecurity said.
The Death Star happily locked onto the Millennium Falcon with a tractor beam and brought it aboard having no idea the ship contained the implements of its destruction, just like any computer Trojan that is allowed to enter a company network.
“If you don't invest in strong passwords and 2FA solutions, then, coupled with an open access policy to your network – as opposed to only senior employees possessing the rights to this – you're likely to experience some sort of data breach, big or small and intentionally or otherwise,” WeLiveSecurity concluded.
Source: SCMagazine
Comments
