Finding The Hidden InfoSec Story

The Lessons of Star Wars

Photo Credit: Photog Silva via Compfight cc

With Star Wars featuring very heavily in the media, I am taken back to my childhood and memories of watching those first films.

Whilst I could dwell on the key story of good versus bad or on the specific characters within these fantastic stories, I am drawn to think of the technology that they had in this alternative universe.

The Empire (the bad guys) was clearly very technically advanced, their budget for research and development must have been immeasurable, never mind what they spent on security. There also seemed to be a member of the empire for every conceivable role, they must have had someone to do every small or big job needed.

Think of some of the amazing technology they had access to – futuristic weaponry and spaceships. At one end of the scale, one person Tie Fighters which were so quick and manoeuvrable, at the other end of the scale colossal spaceships carrying thousands of people. These ships were so advanced that they could go to hyper-speed and traverse galaxies in moments. Their assets were clearly very important to them, none more so than the Death Star.

The Death Star, the Crown Jewels of the Empire, received all the attention and focus it needed, except for one detail.

The Empire made the mistake that many organisations make: they left something unpatched and open to outsiders. In this instance it was an exhaust port.

During a vulnerability assessment the Rebels were able to identify this weakness, much as external hackers use tools to identify the weaknesses in your internet systems. Once they had identified the weak spot they were able to design a successful attack and the rest is cinematic history.

Only time will tell if the Empire truly learnt from this error, but we can all learn from their mistakes and ensure that we understand our own exposure online by performing vulnerability assessments ourselves to know if any of our “exhaust ports” are left unpatched so we can shield them.

After all what would have happened to the attack if they had simply covered over the port? That would have made for a very different series of films.

Author: Matthew Parker

Share This Post On