Seven Security Lessons from Rogue One: A Star Wars Story

Rogue One and A New Hope are stories of good vs evil, light vs dark, but ultimately they are defined by insider infiltration, cunning social engineering and… poor data protection.

The Empire was ultimately defeated because the Rebels stole the plans and used them to exploit a security flaw in the Death Star. These seven lessons show how the security blunders the Empire made in Rogue One: A Star Wars Story facilitated the biggest data breach in the galaxy, and what they can teach us about security and compliance.

Be warned. Spoilers ahead!

#1: Not Mitigating Insider Threats

In Rogue One, Galen Erso is the ultimate insider threat. Erso was strongly opposed to the construction of the Death Star, but he was coerced by Imperial weapons developer Orson Krennic into serving as the station’s lead architect against his will.

Erso played along, but secretly stalled the Death Star’s construction from within as much as possible. He even manufactured a critical weakness within the station and sent another defector, Bodhi Rook, with a message informing the rebels about the vulnerability. Krennic’s fatal error was entrusting vital information and processes to someone who openly opposed his organization.

In real life, some of the most damaging data breaches, such as that of Soviet spy Robert Hanssen, have been caused by insiders who didn't buy into the mission of their organizations. Learn from Krennic’s mistake: mitigate insider threats by only hiring employees who you know are on board with your organization’s goals. Use security analytics, such as SIEM tools, to track how they access resources over time. While you need to trust, you should also verify.

#2: Not Implementing Defense in Depth

The Imperial garrison at Scarif, where the Death Star schematics are being stored, is protected by a planetary deflector shield that blocks all spaceships and radio signals. It’s the ultimate firewall. However, as formidable as this defense is, it is the only one: once past it, our hero Jyn Erso and her comrades slip through the remaining defenses with little resistance. It’s the classic “hard shell, chewy centre” security pattern that exists in many on-premises data centers, which gives malicious actors free rein once they are past the perimeter.

The Empire would have done well to bone up on the concept of Defense in Depth: overlapping controls designed to keep providing security even if one of them fails. In real life, this includes a combination of multi-factor authentication (MFA), unified endpoint management, identity and access management (IAM), cloud access security brokers (CASB), and other components.

#3: Falling for Social Engineering

Speaking of the Scarif deflector shield, Bodhi was able to get through the shield gate using outer space social engineering. Bodhi knew the Imperial protocol for taking a ship through a checkpoint; he had an Imperial ship, and he had an authentication code, albeit an old one. That was enough to convince the gate controllers, perhaps lulled into a false sense of security from the planetary defense shield, to let him, Jyn, and our other heroes pass through.

In real life, it’s critical to be on guard for social engineering. “People make the best exploits” for security hacks, as one of our other favourite shows has put it.

#4: Not Putting a Face to Identity

After touching down on Scarif, K-2SO and the disguised Jyn and Cassian are able to stroll right into the Imperial base without any Empire personnel giving them a second glance. It’s not until the rebel soldiers begin their assault on the base that anyone even thinks to question them. By that point it is too late: Jyn and company have already reached the data vault they were looking for.

In our universe, it’s critical to put a face to identity so that you know who is in your facilities. You can do this by choosing an IAM system whose user profile pages include user photos, and whose photos can be automatically imported from Human Capital Management (HCM) systems like Workday, Ultipro, and Namely, or uploaded by users or IT.

#5: Not Shutting out Compromised Machines

Two of the Rogue One crew’s most valuable assets are Bodhi Rook’s stolen Imperial shuttle and the reprogrammed Imperial droid, K-2SO. As mentioned above, these resources make it easy for our heroes to slip behind Imperial lines.

You would think that the Empire would have had systems in place to instantly detect these compromises and remotely shut down the assets to prevent them from being exploited. Wouldn’t it have been helpful if the Empire could remotely monitor where and when its shuttles were being used? Or if it could identify suspicious droid activity and shut that droid down with a single button-press?

There are many moments in Rogue One where the Empire would have spared itself a lot of grief had it implemented these types of systems.

#6: Allowing Mnemonic File Names

After infiltrating the data vault toward the end of the movie, Jyn and Cassian search through the necessary data stores to find the Death Star schematics. Eventually, they come to a file called “Stardust”, the nickname Galen gave his daughter, Jyn, before the Empire conscripted him into service. Upon seeing this name, Jyn knows that this must be the file they are looking for.

In our universe, a benefit of cloud security is that each cloud data center has tens of thousands of servers, each one cryptically named. So, even if a hacker somehow managed to get past the formidable security guarding a cloud data center, there’s no easy naming scheme to instantly get them to the server with the data they are looking for.

#7: Single Point of Failure

After finally retrieving the Death Star schematics, Jyn and Cassian are faced with another problem: the data file they need to transmit is too large to be sent through the Empire’s atmospheric shield surrounding Scarif. The shield must be disabled before they can deliver the plans to the outside rebel forces.

Conveniently enough, the shield generators are positioned just outside the shield perimeter. A rebel hammerhead ship forces two Star Destroyers to crash into each other, and they in turn crash into the shield generator. Once the shield is down, there is nothing preventing the Death Star schematics from being delivered into the hands of the rebellion.

In real life, security systems such as an IAM system should have redundancy to provide increased uptime, and they should fail closed: if they go down, they should not allow access.

The Cost of Negligence

The Empire’s failure to enact basic security precautions ultimately came with massive costs in finances, casualties, reputation and wasted time. One estimate is that it cost the Empire $852 trillion, roughly 13,000 times Earth’s GDP, to build the Death Star — not to mention the significant competitive advantage lost to the rebels.

In our galaxy, Forrester estimates that data breaches typically cost about $4 million to remediate, with each record lost costing anywhere between $50 and $300. Happy Star Wars day, and may the force be with you.
